I wonder if #fuzzing nowadays is used more for #pentesting (mostly black box) or defensive #testing (mostly gray or white box) 🤔

Share for reach 🙏
#cybersecurity #infosec

These are really old features, which says a lot about how long I’ve been away from the web frontend 😅

Moreover if you add a name attribute on the details elements with the same value, it behaves as an exclusive accordion

#TIL about details / summary #html elements which allow to hide/show some content by clicking on the summary

This is how fuzzers work.

From Reddit.

#fuzzing #pentesting

🦀 One of the famous vulnerability scanner getting Rust rewrite

"The goal is to replace the current scanner stack (openvas-scanner, ospd-openvas, notus-scanner), including the Open Scanner Protocol (OSP)"

"It provides an interface to manage scans for vulnerability testing"

https://github.com/greenbone/openvas-scanner/tree/main/rust

#infosec

The latest #HelixEditor release is packed with exciting new features! 🚀 Quite eager to try the new pickers and inline diagnostics; files completion is a must. I haven't tried it in over a year—maybe it's time for a second round? 🤔

👉 https://helix-editor.com/news/release-25-01-highlights/

@tuckerjj @caseyliss a couple of weeks ago I thought I was going crazy and that the chime was coming from some of the 10s of virtual pets I have laying around 😅

After realizing that the chime was coming from the AirPods, I couldn’t find anything online. Thanks for solving the mystery!

- You have to understand that back in my day, it was possible to make a career out of sending a lot of AAAAAAs to computer programs

- Sure grandpa, let's get you to bed

I am finally ready to release a decent version of Plainews - a distraction-free news readers for the terminal. It allows you to follow RSS feeds, read them without ads, summarise and translate articles.
https://nsobadzhiev.github.io/plainews-website/

I wonder if #fuzzing nowadays is used more for #pentesting (mostly black box) or defensive #testing (mostly gray or white box) 🤔

Share for reach 🙏
#cybersecurity #infosec

It would also be nice to compare the runtime, since LLMs can be quite slow on commodity hardware

Interesting use of #llm to enhance #fuzzing. I don’t have much experience with web fuzzing, but I wonder how this compares with state of the art gray box techniques

https://www.invicti.com/blog/security-labs/brainstorm-tool-release-optimizing-web-fuzzing-with-local-llms/

#cybersecurity #pentesting

@mboelen That’s quite useful! I used some of your articles recently to optimize auditd rules, the Internet really seems bigger than it is 😁

🤓 #TIL: You can use the lslogins command on #Linux to get info about user accounts. 👀 It's pretty useful if you need to manage accounts, monitoring, or doing access reviews

"If you're thinking without writing, you only think you're thinking" - Leslie Lamport. As a programmer, he'd know this personally, as many programming ideas work fine in your head. Until you try to type it in. https://en.wikipedia.org/wiki/Leslie_Lamport

Count Orlok in the new #Nosferatu movie looks like Jim Carrey’s Dr. Robotnik.

Now that 2025 is here, it's time to wind down the #osspodcast

It was a fun run, but it was time to be done.

I have a new project I'm calling "Open Source Security" (the domain is too good to not do something with it)

I want to chat with people securing the use and creating of open source. I explain a lot more in the blog post (which also has audio)

If you're one of these people, let me know! There are a lot of lessons for us all, and the people doing the best work aren't being listened to

https://opensourcesecurity.io/posts/2025-01-the_future_of_open_source_security/

░░░░░░░░░░░░░░░ 0%

Prediction for 2025: Zig language gets into mainstream, kickstarted by Ghostty exposure #PredictionFor2025 #ziglang #zig #ghostty