LiveOverflow 🔴
@liveoverflow.bsky.social
wannabe hacker... he/him

🌱 grow your hacking skills https://hextree.io
Managers will be the first to be replaced by AI, because they send so many Emails back and forth that we can easily train models on it 🤔

The only reason it doesn't happen is because managers protect their own job by not letting teams work on this 🧠
February 21, 2025 at 1:28 PM
Got two RTX 3090 for local AI stuff.

And yes, I do see that the thermals are not optimal 🙃
February 19, 2025 at 7:14 PM
Ah cool thanks! I was wondering where this is from. I was just thinking of "Fancy Bear" en.wikipedia.org/wiki/Fancy_B...
January 29, 2025 at 3:47 PM
Fancy Bear! what are young russian hackers up to??
January 29, 2025 at 11:17 AM
LangGraph Studio looks pretty amazing. Unfortunately local deployment requires a langsmith license (Free while in beta) :/

Are there any good alternative UIs to observe and trace LangGraph or LangChain agents?
January 27, 2025 at 4:53 PM
Reposted by LiveOverflow 🔴
This year two new security legends have joined the top-ten expert panel - @liveoverflow.bsky.social and @stokfredrik.bsky.social! Excited to see what analysis & insights they bring to the top ten alongside long-time contributors @agarri.fr and @irsdl.bsky.social
January 23, 2025 at 12:37 PM
This was really a good conversation!

1. OP is capable of self-reflecting and being humble
2. Commenters are knowledgeable and they asked the right questions
3. And OP genuinely engaged with the responses

Source: www.reddit.com/r/bugbounty/...
January 24, 2025 at 2:14 PM
This is the kind of issue where you need to change your perspective. If you are stuck with "we as the attacker want to directly access cached data", you will miss the obvious.

Turns out, we can control the cache parameter, by forcing the victim to visit the link with our value!!
January 24, 2025 at 2:14 PM
OP clarifies it's not the browser cache. Server-side cache would still be exploitable, right?

But no... OP explains that it's not exploitable, because an attacker cannot guess the random cache key parameter :(
January 24, 2025 at 2:14 PM
Those are the real bug bounty tricks nobody talks about :P Faking bugs!!!

Jokes aside, that's not the end of the story!
A fellow hunter asks some clarifying questions. Browser cache? Server side cache? Or maybe even a service worker?
January 24, 2025 at 2:14 PM
This is a great post on bug bounty reddit!

OP reported an IDOR, gets paid $2,000, and then realizes it never was IDOR. It's just a cached response...
January 24, 2025 at 2:14 PM
This song would be fun to analyse in German or politics class outside of Germany.

The video and the dialect, combined with some pretty clever lines, you can learn a lot about the current German political and social climate 🙈 🙉

www.youtube.com/watch?v=FoD0...
FiNCH - WENN DU DUMM BiST
YouTube video by FiNCH
January 24, 2025 at 2:12 PM
Check out his new talk from 38c3 "Fearsome File Formats": media.ccc.de/v/38c3-fears...
Fearsome File Formats
Specifications are enough, they say… 10 years after 31c3's "Funky File Formats" … Have things improved? With so many open-source parse...
January 6, 2025 at 10:28 AM
My video "What is a File Format?" is also based on his work.
www.youtube.com/watch?v=VVdm...
What is a File Format?
YouTube video by LiveOverflow
January 6, 2025 at 10:28 AM
When I was still early in my career, 7 years ago at 31C3, I saw Ange Albertini's talk. His work on file formats always was one of those "aha!" moments for me.

So it was really nice to see @angealbertini.bsky.social (corkami) back again at #38C3 <3
January 6, 2025 at 10:28 AM
Thank you @gf256.bsky.social and SuperFashi for taking time to make this 🥰

This video in particular reminds me of the classic live CTF recordings that helped me break through an educational wall, and motivated me to start LiveOverflow
December 31, 2024 at 10:10 AM
Kids these days don't even know how much opportunity they have to learn hacking from actual pros.

I know there is a lot of content out there, so it can be hard to find the good stuff. But 10 years ago you had to be lucky to find at least something.

Anyway, watch this 👇
My videos for Flare-On 2024 are live! Watch me reverse engineer all the challenges from start to end. 🎉🥳

+ Commentary video featuring SuperFashi, where we review the chals together.

* 45 hours of content
* 400+ GB of raw footage

Merry Christmas! Link: www.youtube.com/watch?v=vwW9...
Flare-On 2024 Solutions and Commentary
YouTube video by BasteG0d69
December 31, 2024 at 10:10 AM
My cat roommate always pranks me when I don't lock my laptop
December 2, 2024 at 5:07 PM
Web Security vs. Binary Exploitation

www.youtube.com/shorts/Fbeak...
Binary Exploitation vs. Web Security
Want to learn hacking? (ad) https://hextree.io
October 6, 2023 at 7:44 AM
Zenbleed (CVE-2023-20593)
https://youtu.be/9EY_9KtxyPg
September 1, 2023 at 7:20 PM