@_x13 profile picture
Tiago Sequeira (@x13@infosec.exchange) @_x13

Security R&D

Joined February 2010
  • Tweets 2,988
  • Following 1,322
  • Followers 257
383 Photos and videos
github.com/DietrichGebert/po…

GitHub - DietrichGebert/ponytail: Makes your AI agent think like the laziest senior dev in the...

Makes your AI agent think like the laziest senior dev in the room. The best code is the code you never wrote. - DietrichGebert/ponytail

github.com
4
Scan Agent Skills Before Installation | NVIDIA Skill Documentation docs.nvidia.com/skills/scann…

Scan Agent Skills Before Installation | NVIDIA Skill Documentation

Use SkillSpector to detect vulnerabilities, malicious patterns, and policy risks in AI agent skills.

docs.nvidia.com
2
Tiago Sequeira (@x13@infosec.exchange) retweeted
Daniel San
@dani_avila7
Jun 6
The Skills ecosystem is growing fast , aitmpl.com alone has crossed 1M downloads with hundreds of Skills submitted every month At that scale, automated security scanning on every PR stops being optional. SkillSpector (@NVIDIAAI) does that, static analysis, 64 patterns, risk score 0–100, blocks at 50 Full writeup on how it works and how to integrate it 👇

Claude Code Templates: 1000 Agents, Commands, Skills & MCP Integrations

Browse and install 1000 pre-built components for Claude Code. AI agents, slash commands, MCP integrations, hooks, and settings. Free, open-source CLI tool.

aitmpl.com
Daniel San
@dani_avila7
Jun 6
x.com/i/article/206332537277…
4
8
44
8,001
Tiago Sequeira (@x13@infosec.exchange) retweeted
Daniel San
@dani_avila7
Jun 6
Repo if you want to use it: github.com/nvidia/skillspect…

GitHub - NVIDIA/SkillSpector: Security scanner for AI agent skills. Detect vulnerabilities,...

Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks. - NVIDIA/SkillSpector

github.com
2
8
858
OWASP Risk Rating Methodology | OWASP Foundation owasp.org/www-community/OWAS…

OWASP Risk Rating Methodology | OWASP Foundation

OWASP Risk Rating Methodology on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.

owasp.org
3
WinLOLBIN-GT: A Behavioural Ground Truth Dataset for ML-Based Detection of Windows LOLBIN Abuse zenodo.org/records/20533434

WinLOLBIN-GT: A Behavioural Ground Truth Dataset for ML-Based Detection of Windows LOLBIN Abuse

Windows Living-Off-the-Land Binary Ground Truth (WinLOLBIN-GT) is a labelled behavioural ground truth dataset developed to support machine learning-based detection of Windows Living-Off-the-Land...

zenodo.org
8
WinLOLBIN-GT: A Behavioural Ground Truth Dataset for Machine Learning-Based Detection of Windows Living-Off-the-Land Binary Abuse github.com/daniyyell-dev/Win…

GitHub - daniyyell-dev/WinLOLBIN-GT-dataset: WinLOLBIN-GT: A Behavioural Ground Truth Dataset for...

WinLOLBIN-GT: A Behavioural Ground Truth Dataset for Machine Learning-Based Detection of Windows Living-Off-the-Land Binary Abuse - daniyyell-dev/WinLOLBIN-GT-dataset

github.com
7
Tiago Sequeira (@x13@infosec.exchange) retweeted
cr3ghost
@cr3ghost
Jun 13
One of the best FREE Windows exploit development and security research blogs out there. Kernel pool exploitation. PTE overwrites. HVCI and kernel CFG bypass. XFG internals. Browser type confusion. Kernel shadow stacks. Secure kernel internals. ARM64 Pointer Authentication bypass. ETW and PPL research. Covers everything from ROP fundamentals all the way to cutting edge ARM64 and VBS security research. Still actively publishing in 2026. connormcgarr.github.io/ Author: @33y0re #ExploitDevelopment #WindowsInternals #ReverseEngineering
2
103
500
20,832
“Threat Hunting Case Study: LOLBins, Registry Staging & Fileless C2 Attack” by Vidhi patel medium.com/@patelvidhi4288/t…
19
github.com/secureagentics/Ad…

GitHub - secureagentics/Adrian: Runtime security monitoring and control for AI agents. Catches...

Runtime security monitoring and control for AI agents. Catches malicious tool use, prompt injection, and policy drift in real time, before the agent acts. - secureagentics/Adrian

github.com
6
RT @ghumare64: As an AI Engineer. Please learn: Harness engineering, not just prompt engineering Context engineering, not just long prompt…

AI Engineering from Scratch

503 lessons. 20 phases. Write the backprop, the tokenizer, the attention mechanism, and the agent loop by hand.

aiengineeringfromscratch.com
128
The Story of C : The World's Most Consequential Programming Language | ... youtu.be/lI7tMxzSJ7w?is=9lY_… via @YouTube

The Story of C : The World's Most Consequential Programming Language...

This is the story of C , one of the world’s most widely-used and c...

youtube.com
10
OWASP ThreatAtlas | OWASP Foundation owasp.org/www-project-threat…

OWASP ThreatAtlas | OWASP Foundation

Open-source web platform for collaborative threat modeling—diagrams, frameworks, mitigations, and optional AI assistance in one place.

owasp.org
5
github.com/Cisco-Talos/Evide…

GitHub - Cisco-Talos/EvidenceForge: Generate realistic synthetic security logs for cybersecurity...

Generate realistic synthetic security logs for cybersecurity threat hunting training and research - Cisco-Talos/EvidenceForge

github.com
7
computerhistory.org/blog/dis…

Discovering Dennis Ritchie’s Lost Dissertation

Until recently, across a half-century perhaps fewer than a dozen people had ever had the opportunity to read Dennis Ritchie’s dissertation—the intellectual and biographical fork-in-the-road separat...

computerhistory.org
5
@"The AI-driven SOC revisited – moving beyond alert-centric security operations"linkedin.com/pulse/ai-driven… on @LinkedIn

The AI-driven SOC revisited – moving beyond alert-centric security operations

About 3 years ago, I published an article on the AI-driven SOC. It contained early assumptions, but several foundational observations remain valid today.

linkedin.com
14
Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access | Google Cloud Blog cloud.google.com/blog/topics…

Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access |...

Explore GTIG's 2026 report on how adversaries leverage AI for zero-day exploits, autonomous malware, and industrial-scale cyber operations.

cloud.google.com
25
github.com/rohitg00/ai-engin…

GitHub - rohitg00/ai-engineering-from-scratch: Learn it. Build it. Ship it for others.

Learn it. Build it. Ship it for others. Contribute to rohitg00/ai-engineering-from-scratch development by creating an account on GitHub.

github.com
9
@"'Hunting a Threat' and 'Threat Hunting' are different."linkedin.com/pulse/hunting-t… on @LinkedIn

'Hunting a Threat' and 'Threat Hunting' are different.

Introduction I got your attention. That title alone is going to generate confusion and perhaps even some defensive reactions.

linkedin.com
4
github.com/simplifaisoul/osi…

GitHub - simplifaisoul/osiris: Open Source Global Intelligence Platform - Real-Time OSINT Dashboard...

Open Source Global Intelligence Platform - Real-Time OSINT Dashboard - A Palantir Alternative - simplifaisoul/osiris

github.com
6
Load more