Ignis

As promised, here it is - All the useful data i collected from 1.000.000.000 leaked credentials on the internet. And yes, it includes a wordlist of most common ones too, and it has a %80 mismatch rate with rockyou.txt. github.com/FlameOfIgnis/P… #infosec #bugbounty

Gaslighting LLM's with special token injection for a bit of mischief or to make them ignore malicious code in code reviews abscondita.com/blog/uno-rever…

@ODTUKuzeyKibris ODTÜ KKK bilgisayar mühendisliği mezunu ve şuan yine burada yüksek lisans yapan, siber güvenlik alanında da kendisini sektörde göstermiş birisi olarak tercih etmeyi düşünen arkadaşlar görüşlerim için bana DM atabilir

Kodlar hazır mı? Çünkü biz geleceği korumaya başlıyoruz. ODTÜ KKK’da Siber Güvenlik Mühendisliği başladı. 2025 Güz’te ilk öğrencilerini bekliyor. #ODTÜ #ODTÜKKK #SiberGüvenlik #sibergüvenlikmühendisliği

@UK_Daniel_Card @GCHQ Hahah, "Look mom, I'm on TV" moment for me, one of those is probably mine

LOL at exposed @GCHQ CyberChef (I mean its a great tool but you sort of stand out here from a PERSEC/OPSEC pov)

@bmmaloney97 @vxunderground Like what else, any examples?

@ahakcil @vxunderground And we are talking about more data than OCR.

Would you be okay with Microsoft performing OCR on all of your saved OneDrive images, storing the OCR'd data in plain text locally, and making it accessible without administrative privileges?

@bmmaloney97 @vxunderground That depends, do the sqlite files have same permissions as the corresponding image file, or are they accessible to every user? If it is the same permission as the image file I don't see the need to have the ocr data encrypted

@ahakcil @vxunderground The other thing is, M$ is telling everyone that this is all done securely. Where is there any thought of security if it’s in an insecure database?

@bmmaloney97 @vxunderground Also, have you checked if the sqlite file is removed if you delete the image file? If it is retained after the image is deleted (maybe even until next time device is online and directory is synced) it could be cause for concern

@bmmaloney97 @vxunderground Idk, I don't use windows but makes sense in a sync scenario where you want to keep a directory synced across devices, or you don't want to lose files if something happens to the device. About it being easier, I guess so but I still don't think this is a security/privacy concern

@luminaryxd Çoğu insanın anlamadığı şey yapay zekanın bir "araç" olduğu. IDE nasıl benim aklımdakini hızlı ve kolay şekilde koda dönüştürmemi sağlayan bir araç ise, yapay zeka da öyle. 30 satır kodu otomatik doldurup bana 2 satırını düzeltmek kalıyorsa zaten görevini yapıyor demek

Hem yazılım geliştiriyorum hem de yazılımları yıkıyorum. Günümüzdeki yazılımcılık %99 bitecek. Sektör daralacak, ki hali hazırda daralıyor. Yapay zekanın ilk yerini alacağı insanlar, "yapay zeka meka boş iş agalarr" diye takılan bunun gibi dinazorlar olacak.

@dellwingf @0xTib3rius First time I heard of that one tbh, probably not in easy because its not trivial to trigger, so probably in medium?

@ahakcil @0xTib3rius What about 444? That code is not even send to the browser.

Hear me out... A web app CTF where you have to find / trigger every single HTTP status code to unlock a simple web shell. Evil? Yes. Fun? Also yes.

@gamozolabs Who'd win?

What is the correct amount of times to hit ctrl+c to terminate a Python script?

@tekbog Wait, are you sure about that? I know that telegram chats are not end to end encrypted by default, but the "secret chats" should still be e2e.

for the uninformed: telegram was never e2e encrypted and in EU the platform has giant problem with drug-trafficking and other illegal activities there's a joke about how if someone joins telegram they are doing something illegal

Just spotted this in the wild 😂 Perhaps not as secure as it looks at first glance!

@hakluke Pro tip: If you have an outdoor pin keypad, rub some acetone on the 1-2-3-4 keys to wear them out and use a different pin

@egeblc I absolutely love all fromsoft games especially Elden Ring, but obligatory:

Finally finished Elden Ring DLC. This is probably the best game ever made. Miyazaki is truly a genius.

* iş ilanı * İyi bir blue teamer/threat hunter olan. OSCP veya OSEP'i olan, ingilizcesi iyi olan. Googlelamayı iyi bilen. İş değiştirmek isteyen ve yeni challengelar arayan birileri bana ulaşabilir mi ? DM veya email alabilirim.