Rock Stevens

2K posts

@ada95ftw

Digital security researcher. Former ad model (inadvertently). PhD in CompSci from @umdcs.

United States · Joined March 2012
1.4K Following · 686 Followers
Pinned Tweet
Rock Stevens@ada95ftw·
Wisdom from Space Force, Ep. 1: "When we were out at the launch site, there were two tiny clouds in the sky. [A scientist] had an umbrella. People like that can't handle any risk at all. There's no way we are getting back to the moon with that kind of thinking."
Art@Art415982964104·
@IntCyberDigest This is how you create a threat actor in real time. Clearly an exceptional hacker, but big corpo treats people like this badly. 🤷
International Cyber Digest@IntCyberDigest·
‼️🚨 Researcher "Nightmare-Eclipse" had their GitHub account flagged and wiped after publicly dropping zero-day PoCs targeting Microsoft products. In a message, they accuse Microsoft of deleting the account they used to report bugs (with zero payout for past disclosures). The signed message ends with a direct threat: "Mark this date July 14th, I will make sure your bones are shattered that day."
Rock Stevens retweeted
Nick VanGilder@nickvangilder·
I don't know about you, but I've always struggled to keep track of offensive security conferences. I think part of the problem is that there are SO many good ones, and it's just a lot to keep straight. This leads to forgetting about them, which is a problem too.

In this vein, I'm happy to share that I've made some really good progress on a way to (hopefully) keep better track of the upcoming offensive security conferences we all care about. On redteam.community, if you head over to the "Industry Conferences" page, I'm pleased to report that there are now 87 conferences in the directory… and it's more than just "Black Hat is on August 1st, 2026" btw. A lot more.

For example, click into a conference (let's stick with BH as the case study) and you _should_ see every upcoming talk/briefing (currently 88), every upcoming training offered (currently 132), and even 1,500+ past conference talks/briefings from previous years too.

You can go deeper than that, though. Take this upcoming BH training by John McIntosh: "Building Agentic RE: Automating Reverse Engineering & Vulnerability Research with AI." If you click John's pink "social chip", which lives on his BH training card, you can quickly see that he's given talks at RE//verse (2026), Objective by the Sea (2025), RECON Montreal (2025), 44CON (2023 + 2025), and Insomni'hack (2024). He also has an upcoming talk at RECON, AND he's delivering trainings at DEF CON, BH, and RECON in 2026. As a bonus, you can see he has a presence on X, Mastodon, GitHub, and YouTube (if you want to give him a follow).

There's still a fair bit of work to be done to automate this end-to-end, and not all conferences are filled out yet (mostly because talks + trainings aren't available). But it basically works as a pipeline. Adding a conference kicks off a chain of events:
> A conference is added to the site database, and its details are extracted into a stub page
> Talks and trainings are extracted and added as tiles, with speaker info attached
> Past conference videos are located, then titles and descriptions are parsed for speaker names
> Every speaker name is matched, normalized, and deduped across the site (so one person maps to one profile everywhere they appear)
> Daily/weekly cron jobs refresh everything and merge new schedule and program info as it becomes available

I know I haven't been as active on the socials lately, and I'm behind on messages too (sorry). But I do hope you like these recent upgrades!
Rock Stevens@ada95ftw·
Tunneler is an expert SSH tunneling operator: OPSEC-gated Claude Code skill and agent for multi-hop pivot chains in authorized pentest engagements
Rock Stevens@ada95ftw·
Superpowers (206k+ ⭐) is an open agentic skills framework that gives coding agents actual engineering discipline.
Core loop it enforces:
- Brainstorm thoroughly
- Write real design docs
- Strict test-driven development
- Parallel subagents + mandatory reviews
Result: dramatically better output with less wasted time. Works great with Claude Code / Cursor / etc. github.com/obra/superpowe…
Rock Stevens@ada95ftw·
Just made an agent skill for analyzing Chrome extensions for vulnerabilities and generating PoC exploits. Found and verified 1 critical and 5 high vulns in LastPass 👀.
Rock Stevens@ada95ftw·
@PratikSinhatwt NutriGene is a completely free, 100% private tool that lets you upload a raw DNA file and instantly get personalized supplement + diet recommendations based on your actual genes. No servers. No data collection. Everything runs in your browser. github.com/rstevens70/nut…
Pratik 📈@PratikSinhatwt·
Drop your project URL 👇🏻 Let's see what you are building I'll rate it out
Rock Stevens@ada95ftw·
I've been messing around with CodeGraph and ways to use it in a prompt. This seems to be working:
```
This project has CodeGraph initialized.
1. Spawn an Explore agent to deeply understand the relevant parts of the codebase for this task. Instruct it to primarily use codegraph_explore.
2. Once we have the context, propose a plan.
3. Implement the changes.
Task: [your task here]
```
github.com/colbymchenry/c…
Rock Stevens@ada95ftw·
Pretty happy overall with Antigravity IDE. Uninstalled Antigravity 2.0 almost instantly... Was incompatible with my dev env. Just got access to Grok Build... looking forward to messing with it.
Rock Stevens@ada95ftw·
Inspired by NSA’s recent MCP security guidance, I built metaMCP — a tool that pentests other MCP servers. Quick find in Playwright MCP: browser_navigate can load internal Chrome pages like chrome://settings/. Internal browser pages shouldn’t be reachable. Needs proper URL scheme allowlisting. MCP security has gaps.
NSA Cyber@NSACyber

NSA is releasing security design considerations for AI-driven automation leveraging MCP which, while simplifying the integration of diverse capabilities into powerful agent workflows, requires caution. Learn more: nsa.gov/Portals/75/doc…

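The URL scheme allowlisting that the post above calls for, as an added example that is not part of the original post and is not Playwright MCP's code. The function name `checkNavigationUrl`, the sample URLs, and the choice to allow only `http:` and `https:` are assumptions.

```javascript
// Added example: hypothetical pre-navigation guard for a browser tool.
// Assumption: the tool should only ever load ordinary web pages.
const ALLOWED_SCHEMES = new Set(["http:", "https:"]);

function checkNavigationUrl(raw) {
  if (typeof raw !== "string") {
    return { allowed: false, reason: "URL must be a string" };
  }
  let url;
  try {
    // The WHATWG parser trims surrounding whitespace, drops embedded
    // tabs/newlines and lowercases the scheme, so the check below sees
    // the same scheme the browser would act on.
    url = new URL(raw);
  } catch {
    // No base URL is supplied, so scheme-less or relative input fails here.
    return { allowed: false, reason: "not an absolute URL" };
  }
  // Allowlist, not denylist: chrome:, file:, about:, view-source:,
  // javascript: and any scheme added later are rejected by default.
  if (!ALLOWED_SCHEMES.has(url.protocol)) {
    return { allowed: false, reason: `scheme ${url.protocol} is not allowlisted` };
  }
  // Return the parsed form; the caller should navigate to this value,
  // never to the raw string it was handed.
  return { allowed: true, url: url.href };
}

// Constructed sample inputs (not taken from any real log).
const SAMPLES = [
  "https://example.com/docs",
  "http://intranet.example/",
  "chrome://settings/",
  " CHROME://version",
  "file:///etc/hosts",
  "view-source:https://example.com/",
  "javascript:void(0)",
  "about:blank",
  "example.com/no-scheme",
];

function auditSamples() {
  return SAMPLES.map((s) => ({ input: s, ...checkNavigationUrl(s) }));
}
```

A scheme allowlist does not restrict which hosts are reachable: `http://intranet.example/` passes this check, so host-level rules are a separate control.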
Rock Stevens@ada95ftw·
github.com/rstevens70/nut… NutriGene is a completely free, 100% private tool that lets you upload your raw 23andMe or Ancestry DNA file and instantly get personalized supplement + diet recommendations based on your actual genes. No servers. No data collection. Everything runs in your browser.
Blake Emal@heyblake·
Drop your project URL Let’s drive some traffic
Rock Stevens@ada95ftw·
NutriGene is now available. It’s a completely free, 100% private tool that lets you upload your raw 23andMe or Ancestry DNA file and instantly get personalized supplement + diet recommendations based on your actual genes. No servers. No data collection. Everything runs in your browser. MTHFR? VDR? APOE? It tells you exactly what your DNA says about vitamins, caffeine, fats, etc. Built in one day with Antigravity. Code is clean, simple vanilla JS + a curated SNP dictionary. → github.com/rstevens70/nut… Any interesting findings? Share them.
Rock Stevens@ada95ftw·
Lesson learned building in Google Antigravity: When trying to copy a specific aesthetic, **screenshots work better** than written UI guidance. Gave it an exact template URL and it gave me something decent. But feeding it a screenshot of the general style → v1 of your website instantly looks premium. Moral of the story: Show, don’t tell — even to AI.
Rock Stevens@ada95ftw·
If there's interest in this, I could post the code on GitHub
Rock Stevens@ada95ftw·
Just finished my first real Antigravity one-shot project 🔥 Built a full-stack nutrigenomics analyzer (NutriGene) that lets you upload raw 23andMe/Ancestry data and get personalized supplement + diet recommendations tailored to you based on your actual SNPs. 100% client-side, zero data stored. Runs completely in your browser. MTHFR mutation? It just told me I’ve been throwing money away on the wrong form of folic acid for years. Screenshots below👇 Next project with Antigravity: MCP server for my Hak5 Pineapple Tetra
Rock Stevens@ada95ftw·
Initial Antigravity thoughts: there are multiple products available. AGY 2.0 is an agent-first application that makes you a development manager. AGY IDE is what most are familiar with (Cursor, Windsurf). There are people w/ pitchforks out, screaming about 2.0. Just use the IDE!
Rock Stevens@ada95ftw·
Weekend project: learn Google Antigravity workflows and make something useful for pentesting. NSA Cyber just released their MCP best practices guide, so I'll try to think through something MCP related maybe? Starting off my Antigravity adventure here: youtu.be/6C0FjHoN3qE?si…