It's time for our first ATX Gopher meetup of the year! If you are in Austin and write Go code (or would like to start), please join us at 6:30pm at Station Austin (co-located with Capital Factory). Charles and I will be providing pizza and drinks as usual, we have a guest speaker lined up for the main session, and a few smaller talks available as time permit (
I plan to cover two new projects: 1. & 2).

https://www.meetup.com/atxgolang/events/312781553/?_xtd=gqFyqDc2Njk0NTQyoXCjYXBp&from=ref

1. https://github.com/runZeroInc/go-rod
2. https://github.com/runZeroInc/conniver/

The CFP for SO-CON 2026 closes in about 12 hours (11:59 2025-11-15)! Have a cool approach to attack path management (or awesome connector for BloodHound OpenGraph)? Submit ASAP:

https://specterops.io/so-con/

The clever folks at Grumpy Goose Labs have published even more ways to identify unauthorized IP KVMs across your environment, with some great memes to boot! Be KVM, Do Fraud - https://blog.grumpygoose.io/be-kvm-do-fraud-8ab523d26c9d

Identify insecure TLS services with the enhanced runZero Certificate Inventory: https://www.runzero.com/blog/identify-insecure-tls-services/

Austin Hackers Anonymous (AHA) is TONIGHT (2025-10-30) https://takeonme.org/ - Have some zero-day to share? AHA is an official CNA and will issue CVEs for vulnerabilities disclosed at the meeting. I'm planning to demo more SSHamble.com findings along with BloodHound OpenGraph stuff. See yall soon!

Just like chocolate and peanut butter, runZero and BloodHound are an amazing combination. Today we are introducing runZeroHound - an open source toolkit for bringing runZero Asset Inventory data into BloodHound attack graphs, using the brand new OpenGraph feature in BloodHound v8. Check out the announcement and open source code at: https://www.runzero.com/blog/introducing-runzerohound/

SpecterOps released "DumpGuard" along with a detailed article on how they were able to bypass Windows Credential Guard in both privileged and unprivileged contexts. I learned a ton about Isolated LSA and friends. Its funny to see that DES-cracking of NTLMv1 challenges is still relevant (and that https://ntlmv1.com/ has supplanted https://crack.sh).

Article: https://specterops.io/blog/2025/10/23/catching-credential-guard-off-guard/

DumpGuard: https://github.com/bytewreck/DumpGuard

Today's runZero Hour is up with Rob King, Tod Beardsley, and EOL expert and technology necromancer, captn3m0 (pronounced “nemo”). They will summon and explore runZero’s latest research paper, “Undead by design: Benchmarking end-of-life operating systems”, which digs deep in real customer networks to get a sense of just how prevalent running EOL OSes are – and it's spine-chilling!

https://www.youtube.com/watch?v=BXBbNP5yadA

JawnCon (https://jawncon.org/) 0x02 just wrapped! I wish I could make it this year, but settled for catching the talks on the live stream:

Main Stage Day 1: https://www.youtube.com/live/Cvf-mAdnPl0?lc=UgwMOtdPezSwFxO8Idx4AaABAg

Man Stage Day 2: https://www.youtube.com/watch?v=bcr6bCopBD4&lc=UgwosGFE2kBooWoQhVR4AaABAg

Classroom Day 2: https://www.youtube.com/watch?v=1aML2dzB9YI&lc=UgyhvLYDwsDpJ6UqHa94AaABAg

Hello Austin Gophers! Join us tonight, Wednesday, October 8th, 2025 for two hours of lightning talks and discussion at the ATX Go meetup. This is hosted by Capital Factory and runs from 6:30 PM to 8:30 PM central (with pizza and drinks!): https://www.meetup.com/atxgolang/events/305492512/