harisec
@harisec.bsky.social
Interested in web security, bug bounties, machine learning and investing. SolidGoldMagikarp
Pinned
harisec
@harisec.bsky.social
· Nov 26
I've released 'brainstorm': an alternative way to do web fuzzing combining my fav fuzzing tool 'ffuf' (from @joohoi.bsky.social) with local LLMs (via Ollama API) to generate smarter filename tests. It usually finds more endpoints with fewer requests. Added IIS shortname support @irsdl.bsky.social
I generated 20k vibe-coded web applications using various models via the OpenRouter API and analyzed them for security issues.
The apps are available for download if anyone wants to take a look.
www.invicti.com/blog/securit...
Security Issues in Vibe-Coded Web Apps: Analysis, Vulnerabilities, Scanning
Learn about common security issues in AI-generated software, based on an analysis of over 20,000 vibe-coded web apps.
www.invicti.com
November 6, 2025 at 7:28 AM
I wrote a blog post about enumerating and testing tool usage in web applications that use LLMs:
www.invicti.com/blog/securit...
LLM Tool Usage Security
Learn how attackers can exploit LLM tool usage and MCP servers, why this expands the attack surface, and how automated DAST scanning strengthens LLM security in web applications.
www.invicti.com
September 24, 2025 at 8:45 AM
Here are the slides from my @tumpicon.org talk: Teaching LLMs how to XSS - An introduction to fine-tuning and reinforcement learning (using your own GPU)
docs.google.com/presentation...
Teaching LLMs how to XSS
Teaching LLMs how to XSS An introduction to fine-tuning and reinforcement learning (using your own GPU)
docs.google.com
June 28, 2025 at 7:26 PM
I wrote an article about how it's possible to use Assistant Prefill to jailbreak LLMs (Large Language Models).
Here is an example of the latest model from Microsoft (Phi-4) writing a phishing email:
January 13, 2025 at 8:46 AM
My favorite talk from #38c3: From Pegasus to Predator - The evolution of Commercial Spyware on iOS - media.ccc.de/v/38c3-from-...
From Pegasus to Predator - The evolution of Commercial Spyware on iOS
My talk explores the trajectory of iOS spyware from the initial discovery of Pegasus in 2016 to the latest cases in 2024.
The talk will ...
media.ccc.de
January 2, 2025 at 8:47 PM
Great paper from Orange Tsai about unicode transformations: worst.fit/assets/EU-24...
worst.fit
December 31, 2024 at 3:18 PM
OpenAI o3 model just achieved unbelievable scores (75% and 87%) on ARC-AGI, the previous models made maximum 20% and humans make around 85%. arcprize.org/blog/oai-o3-...
OpenAI o3 Breakthrough High Score on ARC-AGI-Pub
OpenAI o3 scores 75.7% on ARC-AGI public leaderboard.
arcprize.org
December 20, 2024 at 7:10 PM
Must read if you are interested in test-time compute: huggingface.co/spaces/Huggi...
Scaling test-time compute - a Hugging Face Space by HuggingFaceH4
Discover amazing ML apps made by the community
huggingface.co
December 17, 2024 at 11:55 AM
Great read: semianalysis.com/2024/12/11/s...
Scaling Laws – O1 Pro Architecture, Reasoning Training Infrastructure, Orion and Claude 3.5 Opus “Failures”
There has been an increasing amount of fear, uncertainty and doubt (FUD) regarding AI Scaling laws. A cavalcade of part-time AI industry prognosticators have latched on to any bearish narrative the…
semianalysis.com
December 12, 2024 at 9:54 AM
Reposted by harisec
If you're interested in the technical details, I wrote the blog post here: flatt.tech/research/pos...
For the further details, please check out the announcement from the OpenWrt team: lists.openwrt.org/pipermail/op... (2/2)
Compromising OpenWrt Supply Chain via Truncated SHA-256 Collision and Command Injection
Introduction Hello, I’m RyotaK (@ryotkak), a security engineer at Flatt Security Inc.
A few days ago, I was upgrading my home lab network, and I decided to upgrade the OpenWrt on my router. After ac...
flatt.tech
December 7, 2024 at 9:47 AM
Reposted by harisec
Here is a great follow up blog post to my blog Remote Code Execution with Spring properties written by Elliot Ward: snyk.io/articles/rem...
Remote Code Execution with Spring Boot 3.4.0 Properties | Snyk
this article introduces two methods for leveraging Logback configuration to achieve Remote Code Execution (RCE) in Spring Boot applications. These techniques are effective on the latest version of Spr...
snyk.io
December 6, 2024 at 9:46 PM
Reposted by harisec
Pro tip for if you have XSS but you can only use upper case:
aem1k.com/transliterat...
transliterate.js by @aemkei.bsky.social works great!
transliterate.js
Translate any JavaScript code to foreign writing systems. Created by Martin Kleppe aka @aemkei.
aem1k.com
December 4, 2024 at 10:06 AM
Reposted by harisec
FYI, here's the entire code to create a dataset of every single bsky message in real time:
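```
# Stream the Bluesky firehose and print every parsed repo message as it arrives
from atproto import FirehoseSubscribeReposClient, parse_subscribe_repos_message
def f(m): print(m.header, parse_subscribe_repos_message(m))  # m is the received message frame
FirehoseSubscribeReposClient().start(f)
```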
November 28, 2024 at 9:56 AM
Reposted by harisec
A librarian that previously worked at the British Library created a relatively small dataset of bsky posts, hundreds of times smaller than previous researchers, to help folks create toxicity filters and stuff.
So people bullied him & posted death threats.
He took it down.
Nice one, folks.
November 28, 2024 at 5:33 AM
Reposted by harisec
qwq is a new openly licensed LLM from Alibaba Cloud's Qwen team. It's an attempt at the OpenAI o1 "reasoning" trick that runs on my Mac (20GB download) via Ollama... and it's pretty good!
My detailed notes here: simonwillison.net/2024/Nov/27/... - here's its attempt at an SVG pelican riding a bicycle.
November 28, 2024 at 12:09 AM
I've released 'brainstorm': an alternative way to do web fuzzing combining my fav fuzzing tool 'ffuf' (from @joohoi.bsky.social) with local LLMs (via Ollama API) to generate smarter filename tests. It usually finds more endpoints with fewer requests. Added IIS shortname support @irsdl.bsky.social
November 26, 2024 at 8:57 AM
Reposted by harisec
Cursor, the top performing #AI IDE, launched version 0.43 today with support for 🥁… Agents!
Composer can now “pick its own context, use terminal, and complete entire tasks”
give it a whirl: www.cursor.com
November 24, 2024 at 6:35 PM
Reposted by harisec
Earlier this year, Assetnote's Security Research team discovered a vulnerability in Sitecore XP (CVE-2024-46938) that can lead to pre-authentication RCE.
Order of operations bugs are one of my favorite types of bugs :) Write up and exploit script here: assetnote.io/resources/re...
November 22, 2024 at 5:50 AM
Reposted by harisec
We're doing a cool online talk tomorrow btw – hexarcana.ch/workshops/cv...
CVEs of SSH
A talk about recent high-profile issues related to the SSH ecosystem.
hexarcana.ch
November 20, 2024 at 7:19 PM
Reposted by harisec
Great article about multipart parsing. Reminds me about the bypasses I found in modsec parser medium.com/@terjanq/waf...
November 19, 2024 at 1:13 PM
Reposted by harisec
#WAF: "When WAFs Go Awry: Common Detection & Evasion Techniques for Web Application Firewalls" - by @MDSecLabs:
👇
www.mdsec.co.uk/2024/10/when...
When WAFs Go Awry: Common Detection & Evasion Techniques for Web Application Firewalls - MDSec
Web Application Firewalls (WAFs) help to protect web applications by monitoring, filtering, and blocking HTTP traffic to and from a web service. However, WAFs are too often relied upon as...
www.mdsec.co.uk
November 19, 2024 at 9:06 AM
Reposted by harisec
How does the new iOS inactivity reboot work? What does it protect from?
I reverse engineered the kernel extension and the secure enclave processor, where this feature is implemented.
naehrdine.blogspot.com/2024/11/reve...
Reverse Engineering iOS 18 Inactivity Reboot
Wireless and firmware hacking, PhD life, Technology
naehrdine.blogspot.com
November 17, 2024 at 9:42 PM
Reposted by harisec
As a pentester and security engineer, I found this talk to be very inspiring. I haven't been able to use the tool yet, but you can bet I will soon!
youtu.be/bCNnloBaw_U?...
The Dangers of Building a Recursive Internet Scanner by Joel Moore | BSides CHS 2024
YouTube video by BSidesCHS
youtu.be
November 18, 2024 at 12:07 AM