Tim McGuffin

9.8K posts

Tim McGuffin banner
Tim McGuffin

Tim McGuffin

@NotMedic

Back to Red Teaming. Risk Hunter. DEFCON Staff & CFP Board. MS in DF. Fmr Fire/EMS. Red and Blue. Builder. Morally Flexible. https://t.co/zakkIXeyHu @ bluesky

Katılım Şubat 2011
1.7K Takip Edilen5.8K Takipçiler
bob
bob@cheeseanddope·
@HackingLZ Also gotta getchu one of these:
bob tweet media
English
1
0
2
51
Justin Elze
Justin Elze@HackingLZ·
I got a truck and cowboy hat since I moved. I should probably sign up for an LTC class now.
English
7
0
26
2.2K
Tim McGuffin retweetledi
Scott Ullrich
Scott Ullrich@sullrich·
I co-founded pfSense. For the last year I've been building its successor. If you run pfSense today, you already know the reasons to look around: development you can't influence, a CE edition that feels like an afterthought, FreeBSD driver roulette on modern hardware, and a config workflow where one bad apply on a remote box means a drive. nfSensei is my answer. Built from scratch in Rust, on Linux, and designed around the things pfSense users actually complain about. Your config.xml imports. There's an importer that reads your pfSense config, shows you exactly what maps over and what needs attention, then applies it. You don't start from zero. You can't brick it from the couch. Changes stage as a candidate, diff before apply, validate through the real engines before anything is written, and auto-roll-back if you don't confirm in time. If a config ever fails at boot, the box falls back to the last good one on its own. The hardware works. Linux base means modern NICs and drivers just work — and the fast path compiles your rules to XDP at 40Gbps. Automation is native, not scraped. Everything the UI does is a documented API call — about 1,140 of them, with a built-in explorer. Your Ansible finally gets a real interface. The VPNs are current. WireGuard, IPsec, Tailscale, and self-hosted mesh — your own control plane, your keys — plus post-quantum key exchange where it counts. The experimental stuff has its own wing. Thirty-plus Labs features behind toggles: WAN bonding that fuses multiple cheap uplinks through a $5 VPS into one resilient pipe, per-flow SLA telemetry with tamper-evident audit chains, GeoDNS that steers traffic by live RTT and load, application-aware QoS, config push to a whole fleet of remote nodes, and an AI assistant on the box that reads your actual interfaces and logs using local models. Toggles are per-browser and can't touch your running config — flip things on, break them, tell me about it. Oh, and there is much more to mention here! Self-hosted, on your hardware, no cloud account, no subscription. It's NOW IN ACTIVE BETA (previously alpha) with about 40 testers, and bug reports typically get fixed in days. I want more people who know what pfSense does well and can tell me exactly where nfSensei falls short. If you are interested in testing please email me: sullrich@gmail.com. Tell me about your pfSense setup and I'll get you access. Note: Affiliates and employees of Netgate are not invited.
English
144
323
2.7K
179.9K
Tim McGuffin
Tim McGuffin@NotMedic·
@IAMERICAbooted Have you considered an LLM and agent-browser connected to Chrome Debugging to do it? It’s my goto now for monotonous data entry.
English
1
0
2
202
EZ
EZ@IAMERICAbooted·
Guess what y'all, I get to spend most of my day converting stuff from on project management board to another and not creating, testing, and deploying solutions. Yay me /s
English
4
0
15
1.6K
Tim McGuffin retweetledi
bynario
bynario@bynar_io·
We're hiring a vulnerability researcher! If you're interested in working at the intersection of security research & AI, check out the role below or reach out to @sam4k1 if you have any questions. wellfound.com/jobs/4424689-v…
English
3
16
107
14.6K
Tim McGuffin retweetledi
Justin Bui
Justin Bui@slyd0g·
Hey all, new spot open on Snowflake's Red Team! You'll be responsible for hacking everything under the sun and building software to enable said hacking. Come join a great team with huge impact :) Link: careers.snowflake.com/us/en/job/SNCO…
English
1
6
42
8.9K
Tib3rius
Tib3rius@0xTib3rius·
@HackingLZ I can tell because what metrics do you even use to judge that?!? 😅
English
3
0
7
630
Tim McGuffin
Tim McGuffin@NotMedic·
90 year old Leica camera, 25 year old film. What could go wrong?
Tim McGuffin tweet media
English
1
0
12
483
Tim McGuffin
Tim McGuffin@NotMedic·
@jsark983 A meta CFP submission site. They upload a paper and tag it with topics or an LLM tags it for them. When a conference CFP opens where their paper matches the topic, the site submits it to the conference on their behalf.
English
2
0
1
48
Joe (GonzoSec) 🇺🇸🇺🇦
May I present... InfoSecFP! infosecfp.com Ingests CFPs from: - cfptime - sec-deadlines - More to come Visit those sites for more info on each CFP, etc. since they're great, but this is for a quick hit. Updates daily!
Joe (GonzoSec) 🇺🇸🇺🇦 tweet media
English
2
1
5
374
David
David@dmcxblue·
I started getting Denied by @AnthropicAI safeguard for cyber security. I gave good resources and content that I’m a professional, but I still got Denied. Anyone suggest any other LLM to work with? It was a good run with Claude. #redteam
English
15
0
37
8K
Tim McGuffin
Tim McGuffin@NotMedic·
@_subTee Code is disposable now like plastic straws, probably with similar environmental impact. 😂 It’s the idea that matters, which is what kept a lot of creative people from building cool things before. It’s fascinating times, and I’m here for it.
English
1
0
1
21
Casey
Casey@_subTee·
@NotMedic LLMs are so odd to me. I get the appeal, like this goblin can write some code. And in a small domain, I can audit and validate and verify So it’s both odd and peculiar and amazing and terrifying all at once. It’s pretty fantastic time. Forget the exploit dev The TOOL dev!
English
1
0
1
15
Casey
Casey@_subTee·
Lord have mercy! glm-5.2 on Ollama, cloud, MacBook Air Built me a very nice TLS debugger in about 10 minutes gist.github.com/secdev02/0052f… I know the domain well, and shaped a few output. Bit at 682 loc it’s better and more efficient than the one I presented at DerbyCon Yowsa!
English
4
0
6
133
Casey
Casey@_subTee·
@NotMedic So great. Absolutely I’m moving offline. Even if my AI models are frozen as of today. I already have enough power to take over small companies and countries
English
1
0
1
27
vx-underground
vx-underground@vxunderground·
> be malware researcher > discuss botnet > share malware IoCs (Indicator of Compromise) > mysteriously mass reported > BANNED FOR VIOLATING THE RULES > ???
vx-underground tweet media
English
49
93
1.6K
54K
Tim McGuffin
Tim McGuffin@NotMedic·
@uwu_underground @vxunderground It's such a weird timeline where an account of anime waifus stood up for meme purposes has direct access to security teams at big-ass companies. F*cking bravo. This is beautiful.
English
1
0
11
251
Tim McGuffin
Tim McGuffin@NotMedic·
@Cannibal Omg I’ve been making it from scratch. I have to try these!
English
1
0
2
98
Cannibal 🎃
Cannibal 🎃@Cannibal·
Turns out I actually AM into bath bombs
Cannibal 🎃 tweet media
English
1
2
12
478
Justin Elze
Justin Elze@HackingLZ·
Texas Zero Day 👀
Justin Elze tweet media
English
10
0
39
3.3K
Dave Kennedy
Dave Kennedy@HackingDave·
Was wondering where all my socks went… found 16 under the couch … winning
English
16
0
37
4.5K