Netexec for Pentester: SSH Exploitation 🔥 Telegram: t.me/hackinarticles hackingarticles.in/nxc-for-pentes… #CyberSecurity #InfoSec #CyberAwareness #CyberThreats #DataSecurity #informationsecurity #ITSecurity #CyberSecurityTraining #EthicalHacking #BlueTeam #RedTeam #CTF #BugBounty

写一下怎么结合新的 Figam 远程 MCP 和 Codex 进行 Vibe Coding Codex 在写前端代码的时候美学表现比其他模型都要好很多，同时加上新的 Figma MCP 就能获得一些很顶的结果 👇下面是具体的教程：

卧槽，我真解决了让 Codex 连续工作 8 小时的问题，上下文都不会爆掉！ 方案就是让 Claude Code 去当监工监督 Codex 干活，大概的步骤如下： 1. 首先要让 Codex 生成一个任务的 TODO List，就是那种能一步步完成的 2. 然后让 Codex 更新 Agents md 文件，加上说明，如果输入 continue，要读取 TODO

今天凌晨刷到吴恩达又出了新课，这次是 Agentic AI。看到课程大纲的第一反应是：终于有人把 AI Agent 这件事讲透了。 很多人都在学 AI，但真正能把 AI 落地成「会干活的智能体」的人，少得可怜。市场上到处都是会调 API 的开发者，但能设计一个「自己会思考、会用工具、会协作」的 Agent

APK TOOL GUI Tools: easier for reverse engineering and Android pentesting - github.com/AndnixSH/APKTo… #infosec #cybersec #bugbountytips

Blog posts, write-ups, papers, and tools related to cybersecurity, reverse engineering, and exploitation👾 github.com/0xor0ne/awesom…

Data breach search engines for Penetration Testing and Threat Intelligence 📕 #infosec #cybersec #PenetrationTesting

I was able to bypass rate limiting using this on mostly websites. #infosec #cybersec #bugbountytips

Top Search Engines for PenTesters

🔍Can you find the vuln? (This was from a 2024 exploit.)

Dynamic shellcode loader with sophisticated evasion capabilities github.com/0xNinjaCyclone…

Next.js Security Testing Guide for Bug Hunters and Pentesters deepstrike.io/blog/nextjs-se…

Top Websites to Learn for Free 📚📘 Save it for later reference ✅ #programmer

这个GitHub仓库按年份整理了大量关于漏洞分析与网络安全、逆向工程和开发相关的博客、文章、论文和工具等等，全部都是让人不禁卧槽的硬核干货，非常极具参考价值的网路安全学习资料导航。 github.com/0xor0ne/awesom…

As bug hunters, we all use Burp Suite. But many miss these life-saving shortcuts:

🛠️ New PoC Exploit Released for Sudo Chroot Privilege Escalation Vulnerability Read more: cybersecuritynews.com/poc-exploit-su… A critical vulnerability in the widely used Sudo utility has come under scrutiny following the public release of a proof-of-concept exploit, raising alarms for

How to resolve a list of subdomains, extract IPs, scan the top 1000 ports and probe for HTTP services with ProjectDiscovery's dnsx, naabu and httpx! ⌨️ dnsx -r <resolvers> -l <subs-list> -ro | naabu -tp 1000 | httpx Install these tools now! (🔗 links in comments 👇)

劝退：n8n等 AI工作流不要学了 因为我已经可以用AI纯自动生成复杂n8n工作流了。 注意，不是那种生成一行几个节点的“玩具”，而是工业级别的复杂工作流。 例如下图 Reddit平台的DJi舆情监控工作流，就是我用AI生成的 我发誓没有新建一个节点，包括里面的备注说明全是AI自己生成的，90% 可用🧵

🐉 Hydra Cheat Sheet Fast Credential Auditing (Authorized Use Only) Quick examples for common services like SSH, FTP, and HTTP use only in labs or with explicit permission. ⚠️ #Hydra #PasswordAuditing #EthicalHacking

tell me any better XSS methodology than this 😎 Explanation: This oneliner command starts by collecting all URLs from passive sources using gau tool, then filters them for potential XSS parameters using gf patterns. Next, httpx and grep are used to keep only URLs that return