LightNews
johnhammond.bsky.social
John Hammond
@johnhammond.bsky.social
8.4K followers 28 following 140 posts
Hacker. Friend. Cybersecurity Researcher at Huntress.
Posts Media Videos Starter Packs
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · 3d
An idea I had some time ago was to create an open-source project with community contributions to centralize different social engineering lure techniques & native GUI tools that could be leveraged for ClickFix... a LOLBins-style site w/ mitigations. Video: youtu.be/UQqsaO5k2M0
2 2 8
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · 8d
And a HUGE thank you to Hex-Rays for sponsoring this video! Disassemble, decompile & debug with IDA Pro, the state of the art binary code analysis tool. Code HAMMOND50 takes 50% off any IDA Pro product and HAMMOND30 takes 30% off any IDA Pro training 😁 jh.live/hex-rays
Hex-Rays: State-of-the-Art Binary Code Analysis Tools
Professional binary analysis with IDA Pro disassembler and decompiler. Tools for reverse engineering, malware analysis, and vulnerability research.
jh.live
2
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · 8d
Golang reverse engineering walkthrough! A challenge we solve with three different approaches: (1) static analysis with IDA, (2) dynamic analysis in a debugger and (3) patching the binary and switching to a desired code path 😎 youtu.be/4-7zcq5-cNA
1 1 10
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · 15d
Big thanks to Elastic for their support and partnership with this video -- you can check out what Elastic has to offer across SIEM, EDR and more all for free: jh.live/elastic
Next-gen SIEM solution | Security information and event management
Next-gen SIEM from Elastic Security arms SOC analysts to detect, investigate, and respond faster. Apply limitless visibility, advanced analytics, and AI....
jh.live
1
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · 15d
A chat and demo with James Spiteri to see just how easy it is now to spin up Elastic -- and all that includes for free! We test malware, ES|QL, detections, AI triage, hunting, and everything free and easy for home labs, education, and real environments! 😄 youtu.be/7Z2zObdhN-Q
1 6
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · 17d
And a hat-tip to @ rd_pentester for his original blog writeup covering ServiceUI.exe!
3
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · 17d
Huge thanks to AttackForge for sponsoring this video! Manage your penetration testing programs and deliver large-scale pentesting services with AttackForge -- get started with a self-service free trial: jh.live/attackforge
Try AttackForge - Pentest Management and Reporting
Leverage features that help you manage and deliver your pentesting better
jh.live
1 2
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · 17d
Video showcase of the ServiceUI.exe living-off-the-land (sorta) binary: elevation to NT AUTHORITY\SYSTEM, proxied execution that may evade detections AND a viewer-submitted PowerShell wrapper for spawning cmd.exe as Trusted Installer with all privileges 😎 youtu.be/BsEwsKQJtk8
2 7
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · 29d
And a huge thanks to Specops Software for sponsoring this video and their continued support of the channel! Protect your organization with stronger passwords, and continuously scan and block over FOUR BILLION breached passwords with SpecOps Software! jh.live/specops-yt
Products
Industry leading password security & end user authentication products - natively integrated with AD.
jh.live
4
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · 29d
Clever & cutesy malware infection chain, starting with a typosquat domain, "ClickFix-like" setup but actually not ClickFix -- search-ms: handler to attacker network share, fake PDF lure to download and run an MSI-- ultimately another commodity stealer tho. youtu.be/EZ6TEjx7JLw
1 10
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · Sep 4
Big thanks to Drata for being the sponsor of this video and their continued support of the channel! Bring Governance, Risk and Compliance (GRC) work into the modern age with Drata: jh.live/drata
Drata + John Hammond
Automate Evidence Collection. Collect documentation from your tech stack. 190+ integrations and an open API.
jh.live
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · Sep 4
Top 5 Ways You Get Hacked -- casual video without a demo, but some fun looking through a recent writeup (or low-key rant, they say) from @SecurityAura "Ransomware in SMBs: Top 5 Missing or Incomplete Controls That Could Help Prevent or Cripple Attackers" youtu.be/AG3DYX4_EE4
1 1 8
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · Sep 3
Very late on getting this video out the door, but a teeny weeny showcase of the recent Docker for Desktop on Windows & MacOS container escape, CVE-2025-9074 -- proof of concept was included so a simple demo of arbitrary file write & file read on the host: youtu.be/dTqxNc1MVLE
4 5
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · Aug 28
Big thanks to Flare for sponsoring this video and their continued support of the channel! Track data on the dark web and manage threat intelligence for your exposed attack surface with Flare -- try a free trial and see what info is out there: jh.live/flare
See Threats Before They See You
Flare continuously monitors the dark web and criminal underground to help you detect and respond to cybersecurity risks faster.
jh.live
1
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · Aug 28
The fake EUROPOL / Qilin ransomware gang notice that flew around a few weeks ago was a funny story. I yapped about it in a video and briefly peeked into some Telegram channels to see cybercrime kiddos dropping LOLs and LMAOs on their counterintel op: youtu.be/gJ7gjZr6qIk
1 2
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · Aug 26
Big thanks to Antisyphon Training and Black Hills information Security for sponsoring this video and their continued support of the channel! Jump into "Pay Forward What You Can" training at Antisyphon Training, at whatever cost makes sense for you! jh.live/pfwyc
Pay Forward What You Can - Antisyphon Training
Hands-On Cybersecurity Training Starting at $0.00 – Join us Live or On-Demand! Includes Cyber Range Access, Certificate of Completion, and six months access to class recordings!
jh.live
3
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · Aug 26
Video showcase of the recent WinRAR 0-day, CVE-2025-8088, uncovered by ESET after threat actor RomCom exploited it in the wild leveraging alternate data streams & path traversal on Windows -- we examine the uncovered RAR file and a proof-of-concept demo! youtu.be/rkMNOC8fhUQ
1 3 11
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · Aug 25
Big thanks to @PortSwigger for sponsoring this video -- you can read all the details about his insane research here jh.live/http1mustdie and see what else him and PortSwigger and the whole @Burpsuite team are up to: jh.live/portswigger :)
HTTP/1.1 Must Die
Upstream HTTP/1.1 is inherently insecure, and routinely exposes millions of websites to hostile takeover. Join the mission to kill HTTP/1.1 now
jh.live
4
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · Aug 25
I FINALLY got a chance to chat with James Kettle @albinowax and hear about his latest research, with a cool caption "HTTP/1.1 Must Die" 😎 Mind-blowing work including desync attacks and critical vulnerabilities affecting websites & CDNs... and a demo! youtu.be/n3Bw8CASnHE
1 1 10
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · Aug 22
the recording of my talk on the Black Hat show floor is up on yout00b :) youtu.be/whhOYRWd_rs
1 10
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · Aug 21
Big thanks to @AnyDesk for sponsoring this video and their continued support of the channel! Join the fight against scammers alongside AnyDesk, with fast remote desktop software and access from anywhere! jh.live/anydesk
Download AnyDesk for Free
Download AnyDesk for free and access, control and administrate all your devices when working remotely.
jh.live
3
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · Aug 21
An alternative to Shift+F10 to open an administrative command prompt during the Windows initial setup and Out-of-Box-Experience (OOBE) -- video showcase of @_bka_ 's newfound trick to revive a simple method for backdoors and unintended access: youtu.be/idogu3Y6ia8
1 8
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · Aug 20
Big thanks to @FlareSystems for sponsoring this video and their continued support of the channel! Track data on the dark web and manage threat intelligence for your exposed attack surface with Flare -- try a free trial and see what info is out there: jh.live/flare
See Threats Before They See You
Flare continuously monitors the dark web and criminal underground to help you detect and respond to cybersecurity risks faster.
jh.live
1
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · Aug 20
The ん Japanese hiragana character: recently used in Booking[.]com phishing campaigns as a "Punycode" Unicode lookalike symbol for forward slashes in URL links! Homoglyph attack that makes us curious what, if any, other lookalike characters do the same: youtu.be/nxVr4ERhrPQ
1 4 12
johnhammond.bsky.social
John Hammond @johnhammond.bsky.social · Aug 19
Big thanks to our channel partners @SpecterOps for their support with this video 💙 Map anything with the free and open-source BloodHound Community Edition, or defend your environment with Bloodhound Enterprise! jh.live/bloodhound
BloodHound Feature Comparisons - SpecterOps
BloodHound 8.0 update adds BloodHound OpenGraph — expanding attack path visibility beyond AD and Entra ID. Learn More
jh.live
1 1