Moe

@tannerlinsley I use opencode with open router and still have access to Claude opus 4.6 - am I missing something here??

Ghostty was fun, but time for something else. I still love opencode, too but with CC plans dead on it… I’m feeling lost. Full GUI? T3 Code? Opencode GUI? Warp? Back to cursor? Try CC again? Raw Codex? My 🧠 hurts and I just need to keep shipping.

A detailed and brutal look at the tactics of buzzy AI compliance startup Delve "Delve built a machine designed to make clients complicit without their knowledge, to manufacture plausible deniability while producing exactly the opposite." substack.com/home/post/p-19…

@Jhaddix Yup really helpful. Also can render mermaid diagrams using the same way.

This (last) week I learned: To preview/render markdown in VS Code: hotkey is Ctrl+Shift+V (Windows/Linux) or Cmd+Shift+V (Mac)

What I’m realizing is 99.9999999999999999999999999% of AI posts are from people that are trying to get more followers and clicks and has no real world experience on actually deploying. “Improve your workflow 80% by this one Claude skill” “Omg they just released this and it changes the industry completely” It’s all bogus. Create your own workflow that is tailored to you. Don’t buy into this garbage.

@levelsio Muscle memory and repetition and ? shows all the shortcuts you might ever need.

I hate tmux It's so incredibly user unfriendly The shortcuts make no sense I wish someone would make a better tmux Even just logging into tmux attaching the screen is an illogical hell to type Again I hate tmux, it's so shit

@deadvolvo What your local model setup? Using ollama?

This... this is why I purchased a 5090 to write my own attack framework and custom scalable cloud/hybrid infrastructure layer. 🤣 The amount of things I can do locally with 0 token burn to refine and only present what is needed for paid models is VAST to say the least.

@PTShatha511 Only reason I got it was cause my work paid for it. And yea it’s just okay material. You can learn 10x what OSCP teaches with same structure with a $20 AI subscription. Also sadly still an HR filter

OSCP is overrated Yes, you’re all wrong

@danielmakelley @anton_chuvakin Lost count the # of jobs asking for pentesting, DevSecOps, threat hunter, GRC, SIEM deployment, SOC analyst. It’s also last HR and hiring managers that come from non technical background thinking these things are all done by 1 person at high level

Cybersecurity hiring is broken partly because job descriptions are written by people who have never done the job. The list of required skills is a wishlist assembled from several different roles, priced as one, justified as “a fast-paced environment.”

BREAKING: Cluely CEO officially responds to TechCrunch

@0xTib3rius vercel.com/blog/agents-md… Agents.md outperforms agent skills. Might be worth trying.

If anyone has prompt / skill advice btw I will happily accept it. The potential here is crazy, and if nothing else I'm having fun learning stuff. 😁

I want to share a quick thought for people in cyber security. This will be my longest tweet ever. I’ve spoken to many lately who are having an existential crisis from the constant posts about “the end of cybersecurity jobs.” Yes, things are changing quickly. This is a significant moment for the tech industry. Change can be uncomfortable. But we’ve seen cycles like this before. • When GitHub and open source took off, people said software engineers would disappear because code was free. • When AWS and cloud computing emerged, people said infrastructure jobs would vanish. • When fuzzing and SAST tools improved, people said vulnerability research would disappear. • Virtualization would eliminate infrastructure jobs. • Mobile computing was going to end desktop dev. • Exploit mitigations would end exploitability. It didn't. Each time automation improved, the amount of software grew faster than the automation. It does feel "different" this time as it's explosive. Some roles will shrink: • repetitive pentesting • basic vulnerability scanning • tier-1 SOC monitoring But other areas are expanding rapidly: • AI system security • supply chain security • identity architecture • autonomous agent security • critical infrastructure protection Historically, every time we eliminate one class of bugs, new classes emerge. Right now people are vibe-coding entire systems, giving AI access to their machines, crossing trust boundaries, and deploying autonomous agents with excessive permissions. The legal and regulatory world is nowhere close to ready. There will absolutely be new failure modes. Humans are amazing and always adapt, finding new ways to do things. The worst thing you can do right now is fall into a doom loop. ...and I’ll be honest, I too have felt the "psychological paralysis" a few times thinking, “Is this time different?” It's especially impactful when it comes from someone I respect in the community. There are certainly unknowns, in an industry where we've become accustomed to predictability. But... the majority of those reactions are usually driven by social media, not reality. Platforms like X reward engagement, and sensational doom posts spread faster than measured thinking. If you see something like: “Holy #$%^! Opus 66.6 just found every bug in Chrome and replaced 50 startups!” …mute it and move on. Instead: Stay curious. Learn the new technology. Adapt your skillsets. Build things. We’ll get through this transition the same way we always have. If I'm wrong then Sam Altman better be right about UBI! :) I'm sure that if this tweet gets any engagement that I'll get some heat for it, but a good friend of mine reminds me often to focus on what you have control over. I'll revisit this tweet at DEF CON 40!

I finally let Claude do my pentest this week. Full 5-day engagement, zero human input. Here's what the client got: 😏 clawd.it/posts/10-repla… #bugbounty #pentesting #AI #cybersecurity #infosec #claudeai

@cryptopunk7213 @CoinCommoner And yet people like Nicholas Carlini (works at Anthropic) still suggests that college still very necessary for CS careers. Just like we still learn basic math even though a calculator exists.

@CoinCommoner this is ultimately true but will take time. remember most kids are still conditioned to spend their time at university learning through out-dated books vs spending all their time with an LLM

wow Anthropic just published a crazy report on AI replacing your job and er... you might want to look at this: - #1 most at-risk jobs are computer programmers, financial analysts (rip excel bros) and customer service - most at-risk workers are female, white, older and higher paid. - BUT high-risk jobs *aren't* firing employees... they've STOPPED HIRING. biggest victims: college graduates (4X more likely to be fucked) - entry-level hiring has dropped 14% since chatgpt launched (for highest risk jobs) - SAFEST jobs are... bartenders, dishwashers and lifeguards - any manual labour that AI can't automate (yet) this accounts for 30% of the job market. - this was the scariest part: AI models are capable of automating most work TODAY but are prevented because of law and slow company adoption. so its not even a fucking skill issue its an ADOPTION issue. - now its important to understand that the study is based on real world data but also 'theoretical' intelligence. so take it with a pinch of salt. some jobs (manual labor) didn't even meet min. data reqs i applaud anthropic on being so damn transparent - they're literally the company behind claude who will be responsible for these impacts studies like this will help us figure it the hell out. LOT of change coming this year.

@mischavdburg Some of the most cracked engineers I know use generic default vscode. I care more about the way someone troubleshoots a system/how they problem solve

If you want my respect as a junior engineer, show up to the interview with these skills: - editing in vim - reading man pages - CLI debugging These are hard to learn, average people won’t do it, but they’re worth 10x any certification.

@evilsocket @her0x0ftime any reason to not use claude via openrouter? What I've been doing. works pretty well.

@her0x0ftime I am using Claude for complex tasks, for personal projects and small iterations i'm experimenting with opencode + an openrouter api key and Kimi K2.5 ... will test the new Qwen3.5 MoE too soon

If you like Claude remote, give OpenCode (opencode serve) + Tailscale a try, because imo it's waaaaaaay better and stabler.

@thedawgyg Ah gotcha. Interesting.

i built command line wrappers for the cli's for each of them. and setup ways that whatever model i am currently testing as the 'manager' can invoke them. and setup automation so that they can tell each other when they have tasks, completed tasks, need more info etc. theres still a ton of work to be done, as im still figuring out what works and what doesnt.

I hit my API limits, and went through the extra funds i had placed on account... so now hafta wait til Friday at 8pm to unleash them again lol. But they spent ~17 hours hunting solidly. Tho I don't believe their claims... They think the combined totals of 'max bounties' possible from all findings to be over 2 million dollars... lol... so unless they have some crazy sh!t in there they may be hallucinating a bit lol

@levelsio Something like 60% of all SSRIs produced in the world are fed into the US. I wonder why.

Sadly he blocked me so I can't reply But I will never stop calling out anti depressants (SSRIs) for being overprescribed and abused in current day society Even if it makes me very unpopular to do so It's more popular to say "good for you" than "this stuff is extremely dangerous" A real friend actually would tell you the latter Time will tell

I bet that you also have knowledge fomo. With the risk of sounding old, if you learned something in tech a few years ago, like the MCSE, early OSCP and similar certs / areas of expertise, it ment something, and you could coast on that knowledge for a good while before the next version of ex, windows got released. Today, Things move so fast that knowledge almost feels ephemeral, new tech / tools /solutions drops all the time, things you learn has a way shorter shelf life, heck you don’t event need to know the flags to run the cli commands, the llm will do that for you so your bash skills don’t even matter anymore. And you FEEL it! if you miss the train, you are out. Obsolete, you are legacy! So I bet more or less all of us have some kind of imposter syndrome and tries to fake it until we make it. Builders know it, investors know it, breakers know it. And the ones that say they ”know” most likely don’t know ”everything, especially not the latest thing, so they wing it too, we all do, so play along, do what you can, remember to take breaks, exercise, hydrate, eat well, take care of yourself, then look what every else is doing, mimik, experiment, take the shortcut, break the chain, and solve the problems one at the time, learn as you go and enjoy the ride. We are in this together.

Day THREE of FIVE days of celebrating our 2 year ARCANUM-VERSARY! @arcanuminfosec 4th Giveaway = FOUR seats to our FLAGSHIP course on modern application assessment and recon: The Bug Hunter's Methodology! 👍 1 Like = 1 Entry! ♻️ 1 Share = 2 Entries! Winners announced 1/21! Syllabus link below 👇