0x40k<p>Whoa, talk about déjà vu! Seems like Firefox is playing catch-up right after Chrome dropped a fix for a sandbox escape. 🤯 Keep an eye out for CVE-2025-2857.</p><p>So, what's the deal? In short, this nasty bug could let an attacker break right out of the browser's protective sandbox. And *that* means they could potentially gain full access to your system. Yeah, pretty scary stuff. 😱</p><p>If you're running Firefox on Windows, heads up! This affects versions 136.0.4, ESR 115.21.1, and ESR 128.8.1. This whole situation feels familiar because Chrome *just* patched CVE-2025-2783, a similar issue that attackers were already actively exploiting out in the wild!</p><p>Make no mistake, sandbox escapes are a huge deal. As a pentester, I can tell you: vulnerabilities like this get weaponized *fast*. Don't wait around.</p><p>Seriously, update your Firefox ASAP! Trust me, you don't want to deal with the fallout if someone exploits this. It could get costly, fast.</p><p>Ever seen a browser exploit do its thing live? Wild, right? Drop your stories below!</p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a> <a href="https://infosec.exchange/tags/firefox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>firefox</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/updateNOW" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>updateNOW</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.
Administered by:
Server stats:
290active users
shakedown.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.4
#pentesting
3 posts · 3 participants · 0 posts today
IT News<p>Physical Key Copying Starts With a Flipper Zero - A moment’s inattention is all it takes to gather the information needed to make a ... - <a href="https://hackaday.com/2025/03/25/physical-key-copying-starts-with-a-flipper-zero/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackaday.com/2025/03/25/physic</span><span class="invisible">al-key-copying-starts-with-a-flipper-zero/</span></a> <a href="https://schleuss.online/tags/lockpickinghacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>lockpickinghacks</span></a> <a href="https://schleuss.online/tags/duplicating" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>duplicating</span></a> <a href="https://schleuss.online/tags/flipperzero" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>flipperzero</span></a> <a href="https://schleuss.online/tags/lockpicking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>lockpicking</span></a> <a href="https://schleuss.online/tags/locksports" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>locksports</span></a> <a href="https://schleuss.online/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a></p>
Florian<p>When I started the IC_Null channel the idea was to cover topics primarily about <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a>, <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a>, <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a> etc. from a <a href="https://infosec.exchange/tags/blind" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blind</span></a> perspective. Blind as in <a href="https://infosec.exchange/tags/screenReader" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>screenReader</span></a> user, that is. But an overarching topic is showing off what jobs are (up to a point) doable for this demographic and where the obstacles are. Today's stream leans that way: we'll be looking at the premier <a href="https://infosec.exchange/tags/translation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>translation</span></a> and <a href="https://infosec.exchange/tags/localization" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>localization</span></a> tool, Trados Studio. Supposedly they have upped their <a href="https://infosec.exchange/tags/accessibility" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>accessibility</span></a> as of late. I'll be the judge of that 💀<br>I'll see you all on <a href="https://infosec.exchange/tags/youtube" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>youtube</span></a> and <a href="https://infosec.exchange/tags/twitch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>twitch</span></a> just under 1.5 hours from now. https://twitch.tvic_null <a href="https://youtube.com/@blindlyCoding" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtube.com/@blindlyCoding</span><span class="invisible"></span></a> <a href="https://infosec.exchange/tags/selfPromo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfPromo</span></a> <a href="https://infosec.exchange/tags/stream" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>stream</span></a> <a href="https://infosec.exchange/tags/trados" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>trados</span></a></p>
nickbearded<p>🐧 Debian 12.10 "Bookworm" is out! 🚀</p><p>The latest update brings 66 bug fixes and 43 security patches. I'll be updating BashCore to the newest version soon, so stay tuned! 🔥</p><p><a href="https://bashcore.org" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">bashcore.org</span><span class="invisible"></span></a></p><p><a href="https://mastodon.social/tags/Debian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Debian</span></a> <a href="https://mastodon.social/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a> <a href="https://mastodon.social/tags/BashCore" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BashCore</span></a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mastodon.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://mastodon.social/tags/Pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Pentesting</span></a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> <a href="https://mastodon.social/tags/FOSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FOSS</span></a> <a href="https://mastodon.social/tags/SysAdmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SysAdmin</span></a> <a href="https://mastodon.social/tags/HackThePlanet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HackThePlanet</span></a> <a href="https://mastodon.social/tags/EthicalHacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EthicalHacking</span></a> <a href="https://mastodon.social/tags/Privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Privacy</span></a> <a href="https://mastodon.social/tags/Tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tech</span></a> <a href="https://mastodon.social/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hacking</span></a> <a href="https://mastodon.social/tags/SecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SecOps</span></a></p>
Teri Radichel<p>Seeking signs of <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> posts on this platform. Or information on <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a> <a href="https://infosec.exchange/tags/bugbounty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bugbounty</span></a> what’s causing <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>databreach</span></a> es and how to stop them.</p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>Sqlmap is an open-source tool for automating SQL injection detection and exploitation. It supports multiple databases like MySQL, PostgreSQL, Oracle, and more. Widely used for penetration testing, it includes features like database dumping, password cracking, and file system access. </p><p>Remember: powerful tools require responsible use. <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/PenTesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PenTesting</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/sqlmapproject/sqlmap" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/sqlmapproject/sqlmap</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴☠️</p>
0x40k<p>Just stumbled across something kinda scary... SAML authentication issues! Now, I know it sounds super technical, but honestly, this affects ANYONE using Single Sign-On. Seriously!</p><p>Think about logging into Netflix, Google, all that stuff – a lot of it uses SAML. What if someone could just waltz right in pretending to be you? SAML's basically the language websites use to confirm you are who you say you are. And Single Sign-On (SSO) makes it so you only log in once to access everything.</p><p>Now, about CVEs, they're like wanted posters for security flaws. CVE-2025-25291, CVE-2025-25292, CVE-2025-25293 are the numbers to remember. The problem lies in how XML is being interpreted. Two programs, same code, totally different results – NOT GOOD. Imagine two bouncers checking the same ID, but one lets everyone in, and the other doesn't. Total chaos!</p><p>As a pentester, I see these "parser differentials" way more often than I'd like. The devil's always in the details, right?</p><p>Big deal? HUGE. Account Takeover is totally possible! Hackers could swipe your identity. This affects the ruby-saml library – which is frequently used in web applications. Affected versions: < 1.12.4 and >= 1.13.0, < 1.18.0.</p><p>Huge shoutout to GitHub Security Lab for finding this! They're lifesavers.</p><p>Good news, though! Updates are here: ruby-saml 1.12.4 and 1.18.0.</p><p>So, check if your web apps are using ruby-saml. And if they are, UPDATE THEM. Like, NOW. This isn't a joke.</p><p>Also, regular pentests are worth their weight in GOLD. Automated tools often miss stuff like this.</p><p>Do you use SAML? What are your experiences with it? How do you secure your web applications? Ever run into similar parsing issues? Let's share info and help keep everyone safe!</p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a></p>
The New Oil<p><a href="https://mastodon.thenewoil.org/tags/Hetty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hetty</span></a>: <a href="https://mastodon.thenewoil.org/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> <a href="https://mastodon.thenewoil.org/tags/HTTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HTTP</span></a> toolkit for security research</p><p><a href="https://www.helpnetsecurity.com/2025/03/10/hetty-open-source-http-toolkit-security-research/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">helpnetsecurity.com/2025/03/10</span><span class="invisible">/hetty-open-source-http-toolkit-security-research/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/PenTesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PenTesting</span></a></p>
Teri Radichel<p>Special Characters :^)<br>Thinking about all the ways I can encode data (and attacks)<br><a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a> </p><p><a href="https://medium.com/cloud-security/special-characters-9a65093c5bfe" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">medium.com/cloud-security/spec</span><span class="invisible">ial-characters-9a65093c5bfe</span></a></p>
0x40k<p>Alright folks, CISA's back at it again! 🚨 Looks like Advantive VeraCore and Ivanti EPM are currently in the spotlight.</p><p>SQL Injections and Path Traversal, the whole shebang! 🤯 What does this mean for us in the real world? Well, unpatched systems are basically a free lunch for attackers. And yeah, even the ones with fewer skills.</p><p>This totally reminds me of that last pentest where we almost took over the entire system with a simple SQLi. Ouch! 😅</p><p>So, what's the plan? Patch, patch, patch! And then? Check your configurations, crank up the hardening, and schedule regular pentests!</p><p>What security news is keeping you up at night these days? Spill the beans! 👇</p><p><a href="https://infosec.exchange/tags/ITSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ITSecurity</span></a> <a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Pentesting</span></a> <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISA</span></a></p>
0x40k<p>Whoa! Japanese companies are currently facing a serious threat due to a PHP vulnerability (CVE-2024-4577). It might sound like tech jargon, but trust me, it's a huge deal! 😬</p><p>Attackers are exploiting this flaw to run malicious code and install Cobalt Strike (yeah, that penetration testing tool – go figure 🙄). And that's when things get really nasty: password theft, lateral movement within the network... 🤬</p><p>The bottom line is this: vulnerabilities like these are like striking gold for cybercriminals. A quick update is absolutely essential! But what's even more critical? Regular, hands-on penetration tests! Automated tools often miss these types of vulnerabilities. ☝️</p><p>I'm curious to know: What steps do you take to secure your PHP applications? What penetration testing methods do you find most effective? 🤔</p><p><a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Pentesting</span></a> <a href="https://infosec.exchange/tags/PHP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PHP</span></a></p>
0x40k<p>Alright, Go developers, listen up! 🚨 Seriously crazy stuff is happening in the Go world right now. We're talking major typosquatting issues. Attackers are slithering in and spreading malware via fake packages, can you believe it?</p><p>So, for goodness sake, pay super close attention to the names of your modules! One little typo and bam! You've got yourself a nasty infection. As a pentester, I see this kind of thing all the time, sadly. Tiny mistakes, HUGE consequences. This malware then installs a backdoor. Totally not cool, right?</p><p>Therefore, check your imports, folks! And make sure you're getting your devs trained up on security. Automated scans? Nice to have, sure, but they're absolutely no substitute for a manual pentest! What are your go-to tools for fighting this kind of attack? Oh, and yeah, IT security *has* to be in the budget, that's just the way it is.</p><p><a href="https://infosec.exchange/tags/golang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>golang</span></a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://infosec.exchange/tags/typosquatting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>typosquatting</span></a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a></p>
Konstantin :C_H:<p>I'm excited to share CVE Crowd's Top 5 Vulnerabilities from February 25!</p><p>These five stood out among the 352 CVEs actively discussed across the Fediverse.</p><p>For each CVE, I’ve included a standout post from the community.</p><p>Enjoy exploring! 👇</p><p><a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Pentesting</span></a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppSec</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/BugBounty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BugBounty</span></a> <a href="https://infosec.exchange/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hacking</span></a> <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> <a href="https://infosec.exchange/tags/CveCrowd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CveCrowd</span></a></p>
_Veronica_<p>Our latest paper is on Arxiv: ARACNE: An LLM-Based Autonomous Shell Pentesting Agent</p><p><a href="https://arxiv.org/pdf/2502.18528" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">arxiv.org/pdf/2502.18528</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/LLMs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LLMs</span></a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a> <a href="https://infosec.exchange/tags/autonomousagents" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>autonomousagents</span></a></p>
0x40k<p>Hey everyone, what's cooking in the open-source universe? 🤯 I just stumbled upon something that's seriously mind-blowing.</p><p>So, there's this Python library pretending to be a music tool (automslc), but get this – it's actually illegally downloading songs from Deezer! And the worst part? It turns your computer into an accomplice in a huge music piracy operation. Seriously, a digital pirate cove. 🏴☠️</p><p>And then there's this npm saga with @ton-wallet/create... Crypto wallet emptied, just like that! 💸</p><p>The moral of the story? Open source rocks, but blindly trusting everything is a recipe for disaster. Always double-check those dependencies! Automated scans are cool, but a real penetration test? That's pure gold. 🥇</p><p>Clients are always so appreciative when we can spot and fix this kind of stuff beforehand!</p><p>Now, I'm curious: What are your go-to methods for keeping your codebase squeaky clean and secure? Any tips or tricks you'd like to share?</p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a> <a href="https://infosec.exchange/tags/devsecops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>devsecops</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>python</span></a> <a href="https://infosec.exchange/tags/javascript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>javascript</span></a></p>
Marek Alexa :verified:<p>Scanning ports with Python 🐍 for beginners to penetration testing.<br>+ Channel Announcement 🙂 </p><p><a href="https://youtu.be/Tc0VDwp-CqQ?si=QK3gZ9oEpcJHOoOg" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">youtu.be/Tc0VDwp-CqQ?si=QK3gZ9</span><span class="invisible">oEpcJHOoOg</span></a></p><p><a href="https://techhub.social/tags/technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>technology</span></a> <a href="https://techhub.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://techhub.social/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a> <a href="https://techhub.social/tags/python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>python</span></a> <a href="https://techhub.social/tags/youtube" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>youtube</span></a></p>
Parrot Security<p>Parrot 6.3 has landed 🚀</p><p>🔒 Reinforced security<br>⚡ Improved performance<br>🛠️ Updated tools</p><p>Click the link and read more on the changelog ⬇️</p><p>parrotsec.org/blog/2025-01-3…</p><p><a href="https://mastodon.social/tags/ParrotSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ParrotSec</span></a> <a href="https://mastodon.social/tags/ParrotOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ParrotOS</span></a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mastodon.social/tags/CybersecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CybersecurityNews</span></a> <a href="https://mastodon.social/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hacking</span></a> <a href="https://mastodon.social/tags/PenTest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PenTest</span></a> <a href="https://mastodon.social/tags/Pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Pentesting</span></a> <a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a> <a href="https://mastodon.social/tags/linuxdistro" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linuxdistro</span></a></p>
Karsten Johansson<p>True Story, bruh:</p><p>Back in the 90's people would go on about how superior emacs is as an editor. And some cheerleaders would hound me about why I "still" used (and still do today) vi... vim actually. Even for doing things like Usenet news, and the email client. Joe was in a lot of email readers, which is pretty much slobberproof, BUT...</p><p>My answer was and still is simple. I hack and break things for a living. I've never seen emacs installed on a bridge, router, or frankly any other network device. Hell, when the web came around, emacs was only rarely on those servers, either. But ed and vi is (was?) on pretty much all of them.</p><p>So that's what I learned. And my personal ecosystem and workflow is all about vi(m) and nothing about emacs.</p><p>Even though I'm a Lisp cheerleader, lol.</p><p>Do I hate emacs? No, but I do very much dislike the overpowering smell of religion that seems permeate it's very existence, like those dirty air lines fuming from the Peanuts character Pigpen.</p><p>Some call me a space cowboy. Some call me a gangsta of <a href="https://infosec.exchange/tags/Lisp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Lisp</span></a> :ablobdj: </p><p><a href="https://infosec.exchange/tags/commonlisp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>commonlisp</span></a> <a href="https://infosec.exchange/tags/vi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vi</span></a> <a href="https://infosec.exchange/tags/emacs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>emacs</span></a> <a href="https://infosec.exchange/tags/vim" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vim</span></a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a> <a href="https://infosec.exchange/tags/editor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>editor</span></a> <a href="https://infosec.exchange/tags/clisp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>clisp</span></a> <a href="https://infosec.exchange/tags/sbcl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sbcl</span></a></p>
Marek Alexa :verified:<p>Documentation, documentation, documentation ...</p><p>Pentesters, stay out of trouble. 👮♂️ </p><p><a href="https://youtu.be/luH2WGCf7k4" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtu.be/luH2WGCf7k4</span><span class="invisible"></span></a></p><p><a href="https://techhub.social/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a> <a href="https://techhub.social/tags/technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>technology</span></a> <a href="https://techhub.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://techhub.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a></p>
IT News<p>This Week in Security: ClamAV, The AMD Leak, and The Unencrypted Power Grid - Cisco’s ClamAV has a heap-based buffer overflow in its OLE2 file scanning. That’s ... - <a href="https://hackaday.com/2025/01/24/this-week-in-security-clamav-the-amd-leak-and-the-unencrypted-power-grid/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackaday.com/2025/01/24/this-w</span><span class="invisible">eek-in-security-clamav-the-amd-leak-and-the-unencrypted-power-grid/</span></a> <a href="https://schleuss.online/tags/thisweekinsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>thisweekinsecurity</span></a> <a href="https://schleuss.online/tags/hackadaycolumns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hackadaycolumns</span></a> <a href="https://schleuss.online/tags/securityhacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>securityhacks</span></a> <a href="https://schleuss.online/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a> <a href="https://schleuss.online/tags/microcode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>microcode</span></a> <a href="https://schleuss.online/tags/clamav" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>clamav</span></a> <a href="https://schleuss.online/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>news</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload