Dominic White
@singe.bsky.social
T’was 0xC0N Jozi today. That makes number 9, finally beating ZaC0N’s run of 8 years. It’s such a special con because it’s small and full of passionate attendees - no corporate wage slaves there for a day off work, just a bunch of hackers new and old.
November 1, 2025 at 3:59 PM
T’was 0xC0N Jozi today. That makes number 9, finally beating ZaC0N’s run of 8 years. It’s such a special con because it’s small and full of passionate attendees - no corporate wage slaves there for a day off work, just a bunch of hackers new and old.
Just added SOCKS support to this reverse tunnelling tool github.com/singe/contun...
October 28, 2025 at 2:58 PM
Just added SOCKS support to this reverse tunnelling tool github.com/singe/contun...
I missed Spinach & was tired of writing hard code that LLMs struggled to help with. So I decided to recreate the functionality of Spinach in a discord world. And so Cabbage was born. Cabbage is private for now, but it’s been so cathartic writing something easy and fun. And vhata saved Spinach’s DB!
October 19, 2025 at 11:29 AM
I missed Spinach & was tired of writing hard code that LLMs struggled to help with. So I decided to recreate the functionality of Spinach in a discord world. And so Cabbage was born. Cabbage is private for now, but it’s been so cathartic writing something easy and fun. And vhata saved Spinach’s DB!
Unsolicited tick pic
October 11, 2025 at 11:49 AM
Unsolicited tick pic
I had occasion to hack on some Wordpress’es and realised there’s a ton of surface area exposed over the "new" REST interfaces. Here's a small utility to convert it into a OpenAPI/Swagger file so you can explore it in your pentests/bug bounty work. github.com/sensepost/wp...
September 12, 2025 at 11:10 AM
I had occasion to hack on some Wordpress’es and realised there’s a ton of surface area exposed over the "new" REST interfaces. Here's a small utility to convert it into a OpenAPI/Swagger file so you can explore it in your pentests/bug bounty work. github.com/sensepost/wp...
Cyble wanted this blog post taken down … Barbra Streisand (woo ooh ooh woo woo)
September 8, 2025 at 5:39 AM
Cyble wanted this blog post taken down … Barbra Streisand (woo ooh ooh woo woo)
Total eclipse blood moon our side of the planet right now.
September 7, 2025 at 5:53 PM
Total eclipse blood moon our side of the planet right now.
Interested in the release of hashcat 7 I retested my (now three year old) ntcrack against it. It made me smile to see it's still faster. https://github.com/sensepost/ntcrack
August 15, 2025 at 9:21 PM
Interested in the release of hashcat 7 I retested my (now three year old) ntcrack against it. It made me smile to see it's still faster. https://github.com/sensepost/ntcrack
Later today, as Las Vegas hovers at its peak temperature on the 33rd iteration of DEFCON, @leonjza.bsky.social will take everyone in Track 4 on a wild ride through vuln ridden bloatware installed on many of the machines in the room and the world. https://info.defcon.org/content/?id=60380
August 9, 2025 at 2:27 PM
Later today, as Las Vegas hovers at its peak temperature on the 33rd iteration of DEFCON, @leonjza.bsky.social will take everyone in Track 4 on a wild ride through vuln ridden bloatware installed on many of the machines in the room and the world. https://info.defcon.org/content/?id=60380
My attempt to create a custom feed to group skeets by semantic similarity using embeddings is so far better at finding bots than it is at grouping meaningful content.
July 28, 2025 at 7:40 PM
My attempt to create a custom feed to group skeets by semantic similarity using embeddings is so far better at finding bots than it is at grouping meaningful content.
The original poster was circa 1987 groups.google.com/g/comp.unix.... and contained way more nuance and in-jokes.
July 20, 2025 at 4:27 PM
The original poster was circa 1987 groups.google.com/g/comp.unix.... and contained way more nuance and in-jokes.
An AI remix of an old unix magazine cover somewhat updated for the modern age.
July 20, 2025 at 4:21 PM
An AI remix of an old unix magazine cover somewhat updated for the modern age.
July 10, 2025 at 9:16 PM
This mural in our Paris office is getting me excited. I’m done with this northern hemisphere heat wave. Bring on the cold!
June 28, 2025 at 7:17 AM
This mural in our Paris office is getting me excited. I’m done with this northern hemisphere heat wave. Bring on the cold!
Today in unexpected things vuln researchers can use LLM’s for.
June 15, 2025 at 4:56 PM
Today in unexpected things vuln researchers can use LLM’s for.
Wifi hacking can be a useful tool, but people are out here grinding on WPA2 handshake cracking tutorials & menu driven attack tooling. When we built the 3rd and latest iteration of the wifi hacking course for BlackHat - we did it to show what really works and how it really works. 1/7
June 4, 2025 at 12:01 PM
Wifi hacking can be a useful tool, but people are out here grinding on WPA2 handshake cracking tutorials & menu driven attack tooling. When we built the 3rd and latest iteration of the wifi hacking course for BlackHat - we did it to show what really works and how it really works. 1/7
I’ve been playing with LLM agents for cyber tasks and found models that work to be inconsistently ok and very expensive and @nickpending.bsky.social’s blogs perfectly echo what I’ve been feeling https://nickpending.substack.com/p/the-systematic-breakthrough
May 31, 2025 at 6:42 PM
I’ve been playing with LLM agents for cyber tasks and found models that work to be inconsistently ok and very expensive and @nickpending.bsky.social’s blogs perfectly echo what I’ve been feeling https://nickpending.substack.com/p/the-systematic-breakthrough
Jeff @thedarktangent.bsky.social raises a possible driver for vigilante hack back - ineffectual law enforcement response. Super powered organisations may resort to “private armies”.
May 28, 2025 at 10:21 AM
Jeff @thedarktangent.bsky.social raises a possible driver for vigilante hack back - ineffectual law enforcement response. Super powered organisations may resort to “private armies”.
I’m really enjoying nerve for building agents, but found myself wanting to limit tool output to reduce input tokens or avoid tripping message length limits, so I made this PR https://github.com/evilsocket/nerve/pull/58
For example, this page parameter was auto added by nerve.
For example, this page parameter was auto added by nerve.
May 22, 2025 at 11:43 AM
I’m really enjoying nerve for building agents, but found myself wanting to limit tool output to reduce input tokens or avoid tripping message length limits, so I made this PR https://github.com/evilsocket/nerve/pull/58
For example, this page parameter was auto added by nerve.
For example, this page parameter was auto added by nerve.
If you're Russian and encrypted, it's for free, if you're Russian gov and you're encrypted, it's for free. If you're Russian and encrypted, and you really can't decrypt it, if you're Russian and encrypted - it's for free.
May 14, 2025 at 7:09 PM
If you're Russian and encrypted, it's for free, if you're Russian gov and you're encrypted, it's for free. If you're Russian and encrypted, and you really can't decrypt it, if you're Russian and encrypted - it's for free.
Some of these lockbit ransom negotiations are …
This one from a financial services company that definitely knows better.
This one from a financial services company that definitely knows better.
May 9, 2025 at 3:38 PM
Some of these lockbit ransom negotiations are …
This one from a financial services company that definitely knows better.
This one from a financial services company that definitely knows better.
Weird. I'm using 0.9.2 and thee free plan.
April 17, 2025 at 12:25 PM
Weird. I'm using 0.9.2 and thee free plan.
Finally getting to play with evilsocket's nerve. As usual he's provided a super accessible way to play with something that otherwise needs a lot more scaffolding.
Here it is doing a code audit of jollyexec and producing six patches to correct the issues.
Here it is doing a code audit of jollyexec and producing six patches to correct the issues.
April 16, 2025 at 1:38 PM
Finally getting to play with evilsocket's nerve. As usual he's provided a super accessible way to play with something that otherwise needs a lot more scaffolding.
Here it is doing a code audit of jollyexec and producing six patches to correct the issues.
Here it is doing a code audit of jollyexec and producing six patches to correct the issues.