Miranda stays on for all three segments: a speculative discussion on “alt-phishing,” an in-depth interview on offensive AI security, and a final review of some standout AI red team tooling, including Microsoft’s new open-source platform “PyRIT.”

We also recently attended the BSides conference at the end of September and met with some amazing people. We managed to record some of our conversations, and present them here in all their glory. Enjoy!

As a penetration tester, Matthew has extensive experience in both private and public sectors, performing technical security assessments, and penetrating large, complex organisation systems with demonstrated impact against high-profile targets. Matthew enjoys performing realistic security assessments, identifying root cause issues of technical problems, and explaining them to every level of audience.

We also chat about whether or not AI will ever get good at red teaming and hacking, and then review the popular tool Responder.

On ground at the Las Vegas Convention Center, unsurprisingly in Las Vegas, Nevada, the Redacted founders met, in no particular order, with:

1. Aerospace – Spanky (https://www.aerospacevillage.org/) 2. Biohacking – Nina (https://www.villageb.io/) 3. Blue Team Game – Amy (https://www.cygence.com.au/about) 4. Car Hacking – Ben (https://www.carhackingvillage.com/) 5. ES 1 – Ben (https://embeddedvillage.org/) 6. ES 2 – Tivo (https://embeddedvillage.org/) 7. ES 3 – Thomas (https://www.linkedin.com/in/stacksmashing/) and he talks about hextree (https://www.hextree.io/) 8. Game Hackers – Julian (https://gamehacking.gg/) 9. IoT – Ben (https://iotvillage.org/index.html) 10. RF – ZeroChaos and Wasabi (https://rfhackers.com/) 11. Tamper Evident – Morfir (https://forum.defcon.org/node/14513?t=13456) 12. Tryhackme – Ashu (https://tryhackme.com/) (https://www.linkedin.com/in/ashu-savani/) 13. Voting – Harri (https://www.votingvillage.org/about) 14. XR village – Starr (https://www.xrvillage.org/)

Naima

Naima is a senior consultant and penetration tester with extensive experience in web application security, organisation, and network penetration testing and policy development. Naima has a Bachelor of Science (Chemistry) and a Master of Cyber Security. Her experience includes identification of a critical business logic flaw in a SalesForce application that led to a vulnerability that could have resulted in a $20,000 per attack to a client if publicly identified, as well as chained application vulnerabilities that saw a large-scale simulated data compromise against a client. Naima’s recent work has been the development of risk assessments for a large federal government client.

Nathan

Nathan is a highly competent Principal consultant and penetration tester with extensive expertise in network penetration testing and a solid background in red teaming. He possesses a deep interest in various areas, including internal and external infrastructure, wireless security, web application testing, and compliance. His core skill set encompasses web penetration testing, network penetration testing, infrastructure review, as well as exceptional customer service. With a strong foundation in critical and analytical thinking, Nathan consistently delivers comprehensive and effective solutions. Additionally, he takes charge of overseeing the development of Mercury’s adversarial C2 infrastructure, showcasing his leadership and technical prowess. Nathan has also conducted wireless workshops at the ADF Cyber Skills Challenge, teaching the community about wireless security.