piscat.bsky.social
@piscat.bsky.social
Reposted
I'm slowly going through the talks from the CCC congress. Here's my favorites so far... ⤵️
January 13, 2026 at 11:35 AM
Reposted
Benches outside a library in Bulgaria
January 10, 2026 at 9:01 PM
Reposted
New personal website: nadim.computer
Nadim Kobeissi
Nadim Kobeissi - Applied cryptographer based in Paris. Security auditor at Cure53, founder of Symbolic Software.
nadim.computer
December 6, 2025 at 10:01 PM
Reposted
I've put together a website which indexes all the recordings my rigs have made thus-far as well as those currently planned:
administraitor.video
(minimalist - I'm a mid-/backend dev! 😋)
Infosec/hacking videos recorded by Cooper (@Ministraitor)
administraitor.video
November 14, 2024 at 1:33 PM
Reposted
Such a great deep dive into cookies. Read!
Handling Cookies is a Minefield:

Inconsistencies in the HTTP cookie specification and its implementations have caused a situation where countless websites (including Facebook, Netflix, Okta, WhatsApp, Apple, etc.) are one small mistake away from locking their users out.

grayduck.mn/2024/11/21/h...
November 26, 2024 at 7:50 AM
Reposted
I'm thrilled to announce "HTTP/1 Must Die! The Desync Endgame", at #BHUSA! This is going to be epic, check out the abstract for a teaser ↓
May 14, 2025 at 1:31 PM
Reposted
Today’s mood…
April 10, 2025 at 1:41 PM
Reposted
A pile of rocks that always fascinated me in Lake Ontario. Caught at the right time, they look pretty amazing! #Photography #EastCoastKin #longexposure
April 8, 2025 at 10:41 PM
Reposted
The library of Folkwang University in Essen, Germany
March 25, 2025 at 9:05 AM
Reposted
How do transistors work, anyway?

lcamtuf.substack.com/p/how-do-tra...
A look at one of the most important and mysterious discrete electronic components. No hydraulic analogies involved.
lcamtuf.substack.com
December 15, 2024 at 5:17 PM
Reposted
Rainbow hat over Grand Canyon National Park 🌈🎩…
Captured at 300mm for compression.

#bluesky #photography #nature #landscape #landscapephotography #naturephotography #rainbow
December 2, 2024 at 10:44 AM
Reposted
After having a "family feud" about how long something took to finish, I created this small game to test your sense of duration.

Have a go and try doing it without (the sound) of a clock etc.

0-a.nl/timer.html

My PR is round 19. 😀
Timing Game
0-a.nl
November 29, 2024 at 12:30 PM
Reposted
It took my breath away when this view expanded below me: The magnificent mountains of Canada's Yoho National Park cradle turquoise lakes reflecting intense light as the setting sun colors low lying clouds.

#photography #landscape #sunset #nature #bluesky #landscapephotography #naturephotography
November 28, 2024 at 1:17 PM
Reposted
To summarize what I have learned about Mutation XSS, my CVE, and the solution to my challenge, I wrote a post going through it all.
If you like regular XSS, this is a whole new world of crazy techniques and many sanitizer bypasses. You too can learn this!
jorianwoltjer.com/blog/p/hacki...
Post: Mutation XSS: Explained, CVE and Challenge | Jorian Woltjer
Learn how to bypass HTML sanitizers by abusing the intricate parsing rules and mutations. Including my CVE-2024-52595 (lxml_html_clean bypass) and the solution to a hard challenge I shared online
jorianwoltjer.com
November 27, 2024 at 4:01 PM
Reposted
One of my favorite books for 2024 📚
I finally got round to reading @josephcox.bsky.social's Dark Wire. It is an incredible story told incredibly well. It is also a story that will remain very relevant for a long time, as the encryption debate moves to new phases. For that reason, the final chapter is the most important one
November 24, 2024 at 3:14 PM
Reposted
Great article about multipart parsing. Reminds me about the bypasses I found in modsec parser medium.com/@terjanq/waf...
November 19, 2024 at 1:13 PM
Reposted
Reading the documentation is a super power 🦸
November 4, 2024 at 11:12 AM
Reposted
Handling Cookies is a Minefield:

Inconsistencies in the HTTP cookie specification and its implementations have caused a situation where countless websites (including Facebook, Netflix, Okta, WhatsApp, Apple, etc.) are one small mistake away from locking their users out.

grayduck.mn/2024/11/21/h...
November 21, 2024 at 5:11 PM
Reposted
Finally, I took the 5 minutes needed (AI) to "create" the site I always wanted. I won't need to visit random ad-ridden sites just to remember the encoding of characters..

(And I know there are powerful tools and sites to do this. But I want feather light, fast, no bullshit)
November 22, 2024 at 8:28 AM
Reposted
Beautiful lunchtime walk today
November 22, 2024 at 1:57 PM
Reposted
Here is the "writeup". Hope it's clear enough, otherwise ask in comments. Note that there are two paths that will result in XSS. And that the "error path" can be reached in numerous different ways, like alternative 1 and 4.
Alternative 5 hits the "successful path" and can also be used in many ways
November 19, 2024 at 2:59 PM
Reposted
*pssssst*

Hey

You know that one project?

That one you've wanted to write FOREVER except it's scary as hell & maybe you don't feel good enough or brave enough or strong enough?

Spend 15 min on it today

Keep the dream alive

Even a pot on the back burner needs to occasionally be stirred
November 15, 2024 at 11:53 PM