SteveSchofield (@steveschofield) 's Twitter Profile
SteveSchofield

@steveschofield

steveschofield.me

ID: 14721360

http://www.steveschofield.me 10-05-2008 04:22:44

3.3K Tweets

390 Followers

116 Following

Claude (@claudeai) 's Twitter Profile Photo

Introducing Claude Code Security, now in limited research preview. It scans codebases for vulnerabilities and suggests targeted software patches for human review, allowing teams to find and fix issues that traditional tools often miss. Learn more: anthropic.com/news/claude-co…

SteveSchofield (@steveschofield) 's Twitter Profile Photo

People, Process and Technology....Still exists. It's a tool, will do some whiz-bang things. Good to see it before checkin the tools are getting there.

SteveSchofield (@steveschofield) 's Twitter Profile Photo

Review domain 6 and 8 in CISSP. Anthropic is helping there. Cybersecurity is a bit larger field than just vuln scanning. infosectrain.com/wp-content/upl…

Coffin (@coffinxp7) 's Twitter Profile Photo

infosecwriteups.com/hacking-micros… This is the longest and most in-depth article I’ve published on Medium so far. It covers IIS and ASP dotNET vulnerabilities from absolute basics to advanced techniques. Even if you have zero background in IIS, you’ll be able to understand the fundamentals

Behi (@behi_sec) 's Twitter Profile Photo

Bug Bounty Tool: Trafexia is a tool that helps you intercept mobile apps traffic. It's useful for finding vulnerabilities in mobile APIs. github.com/danieldev23/tr…

☣️ Mr. The Plague ☣️ (@dotnetrussell) 's Twitter Profile Photo

🚨 BLOODBASH v1.3.1 JUST DROPPED 🔥 SharpHound + AzureHound Analysis ONE TOOL Full hybrid AD + Entra ID graph Privileged Roles, App Secrets, MFA Bypass, Guest Users, Service Principal abuse — all detected offline No Neo4j. No GUI. Pure Python firepower Red teamers & cloud

Ihtesham Ali (@ihtesham2005) 's Twitter Profile Photo

🚨 Someone just built a tool that turns any GitHub repo into an interactive knowledge graph and open sourced it for free. It's called GitNexus. Think of it as a visual X-ray of your codebase but with an AI agent you can actually talk to. Here's what it does inside your browser:

Kali Linux (@kalilinux) 's Twitter Profile Photo

Kali & LLM: macOS with Claude Desktop GUI & Anthropic Sonnet LLM: This post will focus on an alternative method of using Kali Linux, moving beyond direct terminal command execution. Instead, we will leverage a Large Language Model (LLM) to translate… kali.org/blog/kali-llm-…

SteveSchofield (@steveschofield) 's Twitter Profile Photo

Claude Client + Kali MCP Server + metasploit (I know laugh...) had to try on my home network with metasploitable. Tried having claude write a python script. It's not quite 1st grader level yet....Cool option though. Bug Bounty here I come eventually.

Dirk-jan (@_dirkjan) 's Twitter Profile Photo

Forgot to post it, but the recording of my Black Hat talk was released last week. If you're interested in all the hybrid AD attack surface you never knew about, give it a watch: youtu.be/rzfAutv6sB8?si…

Guri (@gurinder_saroy) 's Twitter Profile Photo

🚨 This is what someone can find out about you with just your phone number. No hacking. No special access. No dark web tools. Just publicly available data that most people don't even know is exposed. A tool called GhostTrack demonstrates exactly how much of your personal

Nathan Jones (@njcve_) 's Twitter Profile Photo

I made a Burp extension to automatically check for Maps/Gemini API key leaks, this will check to see if any keys have access to the generative language APIs and report any issues as high. github.com/njcve/gkey-burp #bugbounty

Akash.eth⚡ (@akashsinha98) 's Twitter Profile Photo

If you use AI daily, save this. 🔗 github.com/f/prompts.chat One of the biggest open-source prompt libraries on the internet. • 140K+ GitHub stars • Works with ChatGPT, Claude, Gemini, Llama, Mistral • Community-curated prompts for real use cases • 100% free & open-source •

TheCyberChef👨‍🍳| Cybersecurity | Educator🇬🇭🎓 (@iamthecyberchef) 's Twitter Profile Photo

Firewall Home Lab Setup Tools: - pfSense - Ubuntu - Windows Server - Windows 10 On pfSense, configure: - VLANs - DNS - DHCP - SPAN port - ACLs for ports and applications Then: - Set up Active Directory (AD DS) - Join Windows 10 to the domain Just like that—you've gained

Hasan Toor ✪ (@hasantoxr) 's Twitter Profile Photo

🚨 Microsoft just quietly dropped a tool that turns ANY document into LLM-ready data in seconds. It's called MarkItDown, a lightweight Python library that converts PDFs, Word, Excel, PowerPoint, images, audio, and YouTube URLs into clean Markdown your LLM can actually use. No
