Adam Langley

Saturday Fun ☺️ The team decided to have some fun with Ada and AI yesterday, can you recognise some of the classic computer games? There will be a lot more of this in the brand new Retro Village, new to BSides! Don't forget your tickets! #oooarrcyber

@ryancbarnett Regex will do this to you!

I love regex... @BuildHackSecure 😂

Excited to bring Bug Bounty Village back to BSidesSF with @hackinghub_io and @CaidoIO with @Bugcrowd's support! We'll be hosting some live workshops, hands-on challenges, and a CTF!

Bring back gatekeeping

Welcome to the next recession

@YShahinzadeh Just to add clarity for others this is because the DataTable function adds content to the page using .innerHTML rather than innerText which would safely escape the HTML. Thanks for sharing.

a domXSS tip? DataTable() is a dangerous sink that is often overlooked. Having control over input → domXSS. Works on the latest version of jQuery and DataTables. If you have control over the JSON response, you can achieve XSS:

I found really interesting XSS at a @hacker0x01 LHE that required a few bypasses. Do you think it was worth $15,000? youtu.be/oJM8GxyWs20

@Jhaddix Not profressional video, labs, gamified web apps, curating content, flying to conferences sharing methodology etc I totally agree that 90% of the info is out there for free but if you want it curated, with labs etc and explained properly by a pro then there's going to be a price!

@Jhaddix We have a weird history of "information should be free" in our little hacker corner of the world. And I get it, and agree with it quite a bit, but it also stems back from "information should be free" was just someone uploading a txt document to an ftp server (1/2)

Just a reminder: I give away many of my tips tricks, research, and methodology via conference talks, podcasts, free workshops, webinars, blogs, here on Twitter, and via my newsletter Executive Offense. I’ve contributed code to many tools. I write and release tools myself, in FOSS. I have done this for 21 years. I never stopped. I just charge for classes now that are the ultimate curation of all those things. Updates? Yeah modern research and updates in charge for. I have a family, sue me I guess. Thanks to the two assholes who sent me dm dissertations on how I’m a sellout influencer and that real hackers release everything for free. Saying that my all my contributions are null and void for running courses. Really makes me want to keep doing it. These aren’t bots either, there are real people in the industry at real consultancies. That’s cool I guess. To be an asshole and meme 💯 of the time is in style. Better be sure that if I see you on the signup list or anyone from your consultancy… you are not welcome at Arcanum stuff. Gl and have a wonderful life 🤗

@lingodotdev Nearly as many as Monkey Island 2

Imagine trying to install Windows 11 like this 🫣

I officially have a better voice than @NahamSec as voted for by the people.

This looks awesome!

Hey, did you watch that new movie on Rakuten TV..... Said no one ever, how did they get on tv remotes?

@hackinghub_io Always Breaking Code

In hacking, what does ABC stand for? (Wrong answers only).  Our answer: Always Be Crying (over duplicates). 🥲 Let’s hear yours! 👇

@UK_Daniel_Card How is it ironic? Never said anything negative about AI ( although there's lots to say ). I'm making the point that AI alone isn't enough to make applications that are well built, manageable, secure, scalable and heavily lean on infra without lots of years of experience.

@BuildHackSecure 'why real-world experience still matters in the AI era' :P

CTF without the D… or the k8. 1,500 hackers. Under 1s challenge launches. Zero off-the-shelf CTFd. I wrote a deep dive into how we built our CTF + HackingHub infra from scratch, and why real-world experience still matters in the AI era. 👇 linkedin.com/pulse/ctf-with…

@UK_Daniel_Card Yeah the tweet definetly was lol

@BuildHackSecure I mean't the tweet... I'm dyslexic too 🤗

@L0rd5ud0 It's difficult to be honest. For a CTF especially one we've been comissioned to do I go over kill and chuck a bunch of resources at it. After a couple of hours I'll scale things down depending on system load.

@BuildHackSecure This is so amazing and brilliant at the same time.. Could you maybe highlight overall base compute required?

@UK_Daniel_Card Improved by AI, I spent about an hour writing it. I'm dyslexic and find it useful for spelling and grammar improvements.

@BuildHackSecure Written by AI 🤖