Jonathan Afek

@ITangoI @daniel_mac8 @DavidSacks This is what mobb.ai is here to solve!

@daniel_mac8 @DavidSacks Code surface area increases as does security ramifications. A golden age in exploitology.

Coding assistants are the first big break-out application of AI (aside from the chatbots themselves). Products like Cursor and Replit are compounding revenue at unprecedented rates. The ramifications of moving from a world of code scarcity to code abundance are profound.

POV: You just discovered #Mobb and can now fix security code vulnerabilities in one click all from within @github. Check it out 👉 mobb.ai/github-fixer

@halvarflake Interesting, I guess it is.. Though requires more work to adjust and/or wrap it for each language over putting it in a service.

@JonathanAfek Isnt that also doable for a library?

There's a lot of microservices hate, but there are also terrible balls of yarn. It reminds me that many orgs are not good at engineering. A few rules that have served me well: 1) architect your software, have a diagram. ...

@halvarflake Another reason is shared logic that you want to use from different languages

5) There are two primary reasons to make a box a service: you need parallelism for a box that one machine cannot do, or the box is used by many other boxes and manages state. (Plz reply if you know other good reasons, my list is incomplete).

After two years of research that started at @alephsecurity and ended at @CyberarkLabs, I'm very excited to present my research on attacking ISPs via layer-2 PPPoE protocol live at @defcon!!!! #defcon #defcon30 #pppoe #ppp @CyberArk forum.defcon.org/node/242004

נקודה למחשבה, בין 9.4.2019 ל 23.3.2021 מקום העבודה שלך שילם על 4 ימים בהם נעדרת כדי ללכת להצביע. אם נהיה כנים לא משהו הצליח לך כי הנה זה קורה שוב אבל השנה זה יכול להיות שונה אני ו @JonathanAfek מגייסים לסטארט אפ החדש שלנו, הפעם מקום עבודה חדש יכול לשלם לך על יום הבחירות

אני מגייס את צוות ההקמה של המיזם החדש של @EWorcel ושלי - Mobb. נשמח לקבל את עזרתכם בגיוס מפתחי סקיוריטי חזקים וכהוקרה נשלח מתנה ממש שווה למי שיעזור למצוא מועמד שיצטרף. linkedin.com/feed/update/ur…

If you fit the description and are intrigued about joining the core team of Mobb, please contact me.

We are looking for experienced, open-minded security researchers, developers, and DevOps engineers to join us in our newly funded remote-first startup. Aiming to do what was once considered almost impossible - automatically remediate security vulnerabilities.

I’m excited to share that I have been busy with a new project lately. I joined forces with @EWorcel to work on the next evolution of application security and we are looking for people to join us on this path.

know any great community manager? I have a bunch of questions and would appreciate an intro

Presenting a short walkthrough on our journey running QEMU AFL++ on android we've done a few months ago @hackerschoice alephsecurity.com/2021/11/16/fuz…

As per the Linux embargo policy, a potential LPE Linux kernel vulnerability @Gr33nh4t discovered was made public today, 14 days after disclosure. Here are the details. alephsecurity.com/2021/10/20/sud…

During the pandemic @Gr33nh4t & @waveburst decided to improve our own office wireless equipment by finding vulnerabilities in them. Check out our new blog post about that! @ArubaNetworks alephsecurity.com/2021/07/15/aru…

We are excited to share an #XXE vulnerability in the JDOM @java library! discovered by @ST42562572 alephsecurity.com/vulns/aleph-20…

github.com/alephsecurity/… github.com/alephsecurity/…

The code is a little bit raw with sparse documentation. I hope to get it in shape when I get back to it. Feel free to open PRs if you look into it before that.

I am releasing some of the stuff I have been working on, on side branches as the work is not complete and still pretty raw. This is in case anyone wants to use it as is or continue to work based on this.