SherlockSecure
827 posts

SherlockSecure
@sherlocksecure
Security Engineer | I'm that SherlockSecure ;(
Chennai, India Joined March 2013
198 Following 4K Followers

Any alternative career advice please
Claude @claudeai
Introducing Claude Code Security, now in limited research preview. It scans codebases for vulnerabilities and suggests targeted software patches for human review, allowing teams to find and fix issues that traditional tools often miss. Learn more: anthropic.com/news/claude-co…

@Burp_Suite SSO? Honestly, you guys need more AI integrations at this moment. Add BYOK with DAST via Burp agents.

@fmdz387 You're secure! Here's what your config shows:
gateway:
port: 18789
mode: "local"
bind: "loopback" ← This is the key setting!
auth:
mode: "token" ← Plus token auth required
bind: "loopback" means the gateway only listens on 127.0.0.1, your local machine only.

Clawd disaster incoming
if this trend of hosting ClawdBot on VPS instances keeps up, along with people not reading the docs and opening ports with zero auth...
I'm scared we're gonna have a massive credentials breach soon and it can be huge
This is just a basic scan of instances hosting clawdbot with open gateway ports and a lot of them have 0 auth


Hey hackers 😎
Eternal Bug Bounty program offering a 50% bonus on valid Android & iOS client-side bugs 🚨
Found something High or Critical? That gets an extra 1.5x payout 👀
Campaign runs till Feb 5.
Jump in 👉 hackerone.com/eternal
#BugBounty #MobileSecurity @Hacker0x01


@NalinisKitchen Effects of missing type writing classes in the school days

@bcherny @warpdotdev have this ages before. Even the Claude cowork.

@sherlocksecure @Burp_Suite @albinowax That would be really cool 👌. The only issue is these models often refuse to answer anything related to hacking, even with 'custom instructions' for every response, so most of the time we have to clarify it’s for CTFs or authorised testing.

@Burp_Suite @albinowax
Can Burp Suite add a ‘bring your own API key’ option for Burp AI, allowing users to plug in their own Anthropic, Gemini, or other model keys?

Is it the new normal at @HackenProof?
Reported an issue in January, yet no response from Dev, but the issue is fixed, and the dev & triage team are not responding to any queries or updates. @1inch
#BugBounty



Hi @zomato @zomatocare Have ur Hr started new service ..Scammers are scamming in your names. #Cybercrime @Cyberdost @MahaCyber1


Thanks for the idea, my own automation is almost ready, deployed in AWS servers and will overtake yours with report creation just requiring my approval to submit 😜. This covers all the attacker surface you have mentioned and a few additional ones as well.
PS: I’m not gonna sell it, just wrote it for my own journey.

No bounty from @google for getting an RCE on google.com. I know there were some requirements for this to work and I wasn't expecting a $50,000 bounty, but wasn't expecting to "not meet the bar for a financial reward" at all.
At least I can say I "RCE'd" google.


@Info_IntelX If you can add a new date column with sorting feature would be good.

💥 We added a powerful new feature to the Identity Portal: Reverse Lookup
You can now search for a domain or URL and get all leaked accounts for a particular service.
➡️ Read more at blog.intelx.io/2025/01/03/new…
