sydney

| search "thrunter"
| eval specialty="Purple Team, Treat Hunter, Lifting Heavy Things"

OpenClaw isn't malware. It's a legitimate tool that stores credentials, retains memory, and acts autonomously. That's what makes it dangerous when misused.

Full behavioral breakdown in our latest Hunt Mode post.

🦀 nebulock.io/blog/hunting-openc

You don’t need a desk to build.

Last month, I used AI more from my phone than I did from my desk.

What mattered was removing friction and building where ideas actually show up. Couch. Bed. Airport. Ten minutes at a time.

With the right systems, context persists. You don’t start over every time you sit down.

Start now. Wherever you are.

👉 Full post:
dispatch.thorcollective.com/p/

#building #ai #softwaredevelopment #neurodiversity #shipping #threathunting #thrunting #THORcollective

“I’m not a developer” is a self-imposed limit.

If you’ve written a query, a script, or an automation to fix a problem, you’re already building. That counts.

In the latest THOR Collective Dispatch, we talk about why building is a core security skill and why more practitioners should stop waiting for permission.

What are you building next?

dispatch.thorcollective.com/p/

#infosec #threathunting #builders #ai #thrunting #THORcollective

DigitStealer is an excellent example of where macOS malware is heading: multi-stage, modular, and using legit macOS tools like it belongs there.

Detect the attack, not the sample.
Shoutout Jamf Threat Labs 🙌

nebulock.io/blog/hunting-digit

80 posts. We kept hitting publish.
This year was about doing the work, writing it down, and sharing it anyway.
If you read, argued, bookmarked, or built alongside us, thank you.
Happy New Year. Happy thrunting.

dispatch.thorcollective.com/p/

#threathunting #infosec #cybersecurity #thrunting #THORcollective

I’m excited to share Hunt Mode, a new guided hunt series from Nebulock focused on real-world threats.

The first hunt dives into CVE-2025-55182, highlighting the behaviors the exploit leaves behind after initial access.

Join the hunt 👉 nebulock.io/blog/cve-2025-5518

It's happening!

Meet the Agentic Threat Hunting Framework (ATHF).

Tired of copy-pasting the same hunt template over and over? Same. I built a framework designed for an AI-assisted future that adds structure, memory, and context to every hunt.

Come check it out, so you never have to say “uhh, what was our last hunt?” again.

nebulock.io/blog/agentic-threa

Have you ever run the best hunt of your life and then forgotten how two weeks later?
Same.

Meet the PEAK Threat Hunting Template. Built to make your hunts repeatable, reviewable, and impossible to lose.

👉 Read on THOR Collective Dispatch - dispatch.thorcollective.com/p/

#threathunting #cybersecurity #soc #dfir #blueteam #thrunting #thrunting #THORcollective

🎤 The Autonomous SOC (Taylor’s Version)
Guest post with Kassandra Murphy

AI hype is loud. Most teams are just automating chaos.
Fix the basics first. Then scale the magic.

Read it on THOR Collective Dispatch.
Autonomy doesn’t replace us. It remasters us.

dispatch.thorcollective.com/p/

#autonomousSOC #taylorsversion #cybersecurity #threathunting #SOClife #detectionengineering #automation #THORcollective #infosec #securityoperations

In the latest guest post, threat hunter Sam Hanson walks through two real TTP-driven hunts — KurtLar_SCADA and a strange .NET Modbus binary — showing how simple hypotheses can surface novel activity without chasing IOCs.

IOCs show where the fire was.
TTPs show where it will be.

Read it on THOR Collective Dispatch → dispatch.thorcollective.com/p/

#threathunting #ICS #OTSecurity #THORcollective #thrunting #threatdetection #threatintel

October delivered AI agents, time mastery, and a few purple team curveballs. From scaling hunts like code to aligning GRC with threat-informed defense, this month’s Dispatch lineup hit every layer of the stack.

Read the full recap:
🔗 dispatch.thorcollective.com/p/

#threathunting #cybersecurity #THORcollective #purpleteaming #baselines #grc #thrunting #ai

Finding nothing ≠ failing the hunt.
Sometimes “nothing” is the loudest signal that your defenses worked.

Lauren Proehl breaks down how to measure the quiet wins in one of my favorite THOR Collective Dispatch posts:

dispatch.thorcollective.com/p/

“Give a CTI analyst an indicator, they’ll be fed for a day.
Teach a CTI analyst to hunt for TTPs, and they’ll be fed for a lifetime.”

In this week’s THOR Collective Dispatch, Sam Hanson lays out how to move beyond indicator-based hunting and build detection muscle that actually scales.

👉 dispatch.thorcollective.com/p/

#threathunting #cybersecurity #TTPhunting #mitre #THORcollective #thrunting #infosec #cybersecurity

If tstats gives you speed and eventstats gives you context...timechart gives you shape.

This week’s THOR Collective SPL Dispatch breaks down how to use timechart to uncover rhythm, automation, and the occasional cron job masquerading as “normal.”

dispatch.thorcollective.com/p/

#splunk #threathunting #cybersecurity #infosec #THORcollective #thrunting

Threat hunting gets messy fast when your “documentation” lives in Slack threads and sticky notes.

That’s why in Part 2 of our Agentic Threat Hunting series, I walk through the first real step to scaling: putting your hunts in a GitHub repo and giving your AI sidekick a memory.

Full post: dispatch.thorcollective.com/p/

#threathunting #thrunting #cybersecurity #AI #thrunting #THORcollective #AIbestie

✨ To get you ready for Taylor Swift’s latest album, here’s something to hold you over… ✨

🎶 I put together a playlist called Life of a Detection Girl - 12 tracks inspired by the storytelling of Taylor Swift and Alex Hurtado, with a touch of cyber woven in.

Give it a listen and let me know your favorite track!

suno.com/playlist/5cf27de7-59b

From temporal to behavioral, baselines are the thrunter’s compass. September’s Dispatch from THOR Collective shows how to use them to sharpen the hunt and includes ten baseline hunts you should be running now.
🔗 dispatch.thorcollective.com/p/

#threathunting #baselines #cybersecurity #THORcollective #thrunting #infosec
