💻 New blog post Detectify about the 'goodfaith' tool I wrote for scaling #bugbounty automation by remaining within scope. 🛠️ Tool: github.com/brevityinmotio… 💡 Blog: labs.detectify.com/2022/06/21/hac…

There is A TON of sweet Python material in this Humble Bundle ebook package-- between Jupyter, Django, cookiecutter and FastAPI, Pandas and threading and more... so much great education jam packed in here. (disclaimer, affiliate link) humblebundle.com/operation-pyth…

🎨 Well… I no longer spend excessive time on social media because I’ve replaced it with laying in bed for hours every night sending #dalle prompts.

Heading into a technical security review meeting? 💡Review the relevant OWASP® Foundation cheat sheet (cheatsheetseries.owasp.org) for the topic prior to the meeting. 🧠 Look like a genius. ⚖️ Reduce risk. 🙏 This project has been one of the most valuable and helpful throughout my career.

☁️ For cloud learning, obviously both options would be best, do you prefer to follow a tutorial walking you through the console/GUI or walking you through the infrastructure as code? The context and why would be the same.

💻 I’ll have 200 of these holographic #stickers to hand out DEF CON representing my blog and projects. I can’t wait to trade for the many cool ones I’ve seen!

Another awesome "Live Recon" show with myself and Ben Sadeghipour This time we interview Louis Nyffenegger the founder of PentesterLab !! We chat about his early career, SQL injection, certificates, and ALL about training/hacker-education! youtube.com/watch?v=XaLA5y…

🎶 My other hobby outside of computers… a local show to see my all time favorites. #andrewmcmahon #dashboardconfessional #armorforsleep #rocktheruins

🔥Fantastic panel at RedTeamVillage with Ben Sadeghipour John Hammond Alh4zr3d Ryan M. Montgomery “The best way to learn is to teach” -Alh4zr3d

💡Have a list of URLs and want to know which ones are in a public bug bounty scope? Install the tool: python3 pip install goodfaith Run the tool: cat urls.txt | goodfaith -s bugcrowd This functionality was just released today! #bugbountytips #recon #automation

🗓“You Have One New Appwntment” - Very fascinating research at DEF CON being presented by spaceraccoon | Eugene Lim 🔥📆

🦸🏼‍♂️ Me explaining to my kids what I did at DEF CON: 1. I played with legos. 2. I folded paper airplanes. 3. I made a tin foil hat. 4. I traded stickers. 5. I looked at cars.

📚 To expand my technical knowledge, I have always asked myself, what tech question would I not want to be asked? Then I go learn it and repeat that question. I recommend this advice no matter where you are at in your career. This approach applies far beyond just tech.

One unique thing about software as an engineering discipline is that it offers abstractions which allow ppl to start contributing in the field w/o having to understand the whole field. To be great, though, imo understanding what’s under the abstractions is really important: 1/

The prompt# zine is always so cool and well-done! Thank you Black Hills Information Security for such a unique resource! My bear vs bear chase card went straight into the card saver. Now to determine where to send it to have it authenticated and graded🥇!

☁️ This has always been one of my favorite and most valuable security resources since the original release. The approach is relevant even if you do not use AWS. Great job on the updates and the entire document is worth the time to read and implement!

💡This thread is loaded with valuable responses and is a list of commands that I’m certainly going to spend some time learning. Looking forward to the content that Ben Sadeghipour creates from this!