.@GitLab releases many features years before GitHub. Every month on the 22nd, transparent and open. 10 examples in this thread 💡 about.gitlab.com/is-it-any-good…

Shoutout to [email protected] who spotted this one

g0tmi1k starred honeytrap/honeytrap on Github ift.tt/2oBuwCB

Serious productivity boost for reading code on GitHub. 1️⃣. Go to any repo you are interested in on GitHub. 2️⃣. Replace "github" with "github1s" (one + s) in the browser address bar. 3️⃣. Enjoy browsing code like you would in VS Code. This is huge 🔥

When was the last time you used Yahoo to search for something? (and not in an automated tool/scraper!)

g0tmi1k starred liamg/traitor on Github ift.tt/3dcXJyT

Split a whole bottle of citronella in a draw. Lucky all electronics were enclosed! Good news, will be bug free. Bad news, Physical bugs rather than code!

g0tmi1k starred antoniomika/sish on Github ift.tt/2GXRRsZ

g0tmi1k starred slidevjs/slidev on Github ift.tt/32RDOPC

g0tmi1k starred agrawalsmart7/otphacks on Github ift.tt/3hLuNjx

g0tmi1k starred madhuakula/kubernetes-goat on Github ift.tt/2C3v66v

g0tmi1k starred jlevy/the-art-of-command-line on Github ift.tt/1IV1NNB

g0tmi1k starred willshiao/node-bash-obfuscate on Github ift.tt/3gMsBr7

g0tmi1k starred bup/bup on Github ift.tt/3cN70fO

g0tmi1k starred audibleblink/doxycannon on Github ift.tt/2qotUBe

g0tmi1k starred privacybot-berkeley/privacybot on Github ift.tt/3uMxFk5

g0tmi1k starred docsifyjs/awesome-docsify on Github ift.tt/35MA9Bm

😝 Here is the full disclosure of the Twitter XSS + CSRF vulnerability. Clicking a crafted link or going to some crafted web pages would allow attackers to take over your account (posting, liking, updating your profile, deleting your account, etc.)

And we got the full JS exploit to chain with this XSS vulnerability! In another word, visiting this link earlier today would take over your account: analytics.twitter.com/mob_idsync_cli…

twitter not paying whitehats. what could go wrong? this one just disclosed a vulnerability that would have allowed people to gain control of the twitter accounts of users who merely clicked malicious links