"This article was written by ..., senior staff writer, and ...." In other words it was written by a couple of what I call hackbots with no subject expertise whatsoever. A subject where AI might well have done better.

🚨 Our 1st expansion to "Red Blue Purple AI" is available for preorder! "Hackbots with Claude Code" is gonna be EPIC! @xssdoctor @BadAt_Computers and I are waiting for you to sign up. Releasing Mid Q2, Link below 👇

tô submetendo umas talks pra alguns lugares pra falar sobre hackbots tenho estudado bastante e acho que pode dar uma aula maneira!

And this is why blogposts and writeups are dead. No idea just feeding others Claude skills. Its always been at loss, but if people only care as a way to boost their hackbots I see no value in it

aparentemente eh o último ano mesmo o tanto de gente foda que tô vendo falando que é o último ctf que participam é absurdo ou pensam em algum jeito novo de competir ou vira uma competição de hackbots e slopping

This. That's why the post of @Jhaddix on reminding to develop hackbots with built in logging stuck with me. I'm anticipating that somewhere down the road we'll have an incident involving an agent where we'll be required to trace back which agent did what and who approved it do it. 😅😂🤣 I'm currently a pentester/SOC support, and I run agents that log all the tasks they do plus evidence of tests -- just in case the bosses ask what was exactly done or if an issue occurs because of a test, i can verify and trace. As the saying goes - document everything and CYA. Plus compliance reqts of course 😂

Ever started hunting on a program and it gets disabled meanwhile? Happens a lot lately with the rise of AI hackbots. If you use bbradar.io either via mcp, telegram, discord , api or web you will get instant notifications and updates on all target changes and program status changes a ton more.

SO many hackers are so AI-pilled that they are not critically building in logging and verification to their hackbots. They are missing whole parts of their methodology due to models giving up on hard tasks. Build in gates in your prompt engineering. We'll go over this in the course.

Hackbots more skills or less skills?? I feel like I hear different opinions on this everyday. wtf what’s the best approach?

hackbots são o futuro (supervisão humana ainda obviamente é essencial, mas vai diminuir bastante o esforço braçal)

Starting a Streak for Bug Bounty Will keep updating on what I did. Day 1 Stats: Refined Hackbot Submitted one bug Studied about AI more Accepted or Rewarded Reports:N/A #bugbounty #hackbots #pentesting

Starting in 40 min... Hackbots Course Sneak Peek!

Hackbots preview today be there at High Noon EST (about 3 hours from now)

👾 Hack smarter, not harder. Join us TOMORROW, 𝗠𝗮𝘆 𝟭𝟯𝘁𝗵 𝗮𝘁 𝟭𝟬𝗔𝗠 𝗠𝗦𝗧, for a live webinar diving into 𝗛𝗮𝗰𝗸𝗕𝗼𝘁𝘀 𝘂𝘀𝗶𝗻𝗴 𝗔𝗴𝗲𝗻𝘁 𝗙𝗿𝗮𝗺𝗲𝘄𝗼𝗿𝗸𝘀. Our CEO, Jason Haddix, will break down how autonomous agents are reshaping offensive security, where they actually work, (and where they fall apart), and what this means for real-world attackers and defenders. 𝘚𝘱𝘰𝘯𝘴𝘰𝘳𝘦𝘥 𝘣𝘺 XBOW. ➡ Save your spot today! 🔗 Registration link in the comments

We've been working hard on our new course "Hackbots" If you wanna join a preview webinar, come join me Wednesday! us06web.zoom.us/webinar/regi…

HackerNotes TLDR for episode 173! Share your thoughts on the form below, we'll pass the relevant feedback to the platforms too. forms.ctbb.show/future_of_bu… ►⠀Google's VRP is paying more for top-tier impact (up to $1.5M for a zero-click full chain on Pixel) but cutting payouts on lows and meds. Programs everywhere are swamped with AI reports. ►⠀Network effects (model providers shipping security review, cheaper agentic pentests, internal red teams running hackbots) are killing the easy bug pipeline from every side. ►⠀The copium is real: scope on big targets is too big for any team to fully cover, top hunters running agents at scale find more than ever, and learning has never been faster. ►⠀Video-first PoCs and submission fees (like HackenProof did) are showing up as filters against AI slop, and opting out of training data is worth taking seriously. blog.criticalthinkingpodcast…

A lot of people are now building and using their own hackbots daily. Here's a nice blog on using AI to hunt for vulns by @0xAsm0d3us. Some takeaways that I've also been experiencing: > Instead of asking "is this code secure?", ask "how would you break this?". This shifts the flow from auditor to attacker. It will force it to generate attack strategies. > Avoid bloated prompts. Stuffing big MD files and skills into context degrades reliability of the model. Your scaffolding becomes the haystack and the bug becomes the needle. > Don't just say "find bugs". Assert the bug exists, e.g. this function has 3 vulnerabilities, find them, don't quit. Further reading: devansh.bearblog.dev/needle-…

👾 Hack smarter, not harder. Join us next week, 𝗠𝗮𝘆 𝟭𝟯𝘁𝗵 𝗮𝘁 𝟭𝟬𝗔𝗠 𝗠𝗦𝗧, for a live webinar diving into 𝗛𝗮𝗰𝗸𝗕𝗼𝘁𝘀 𝘂𝘀𝗶𝗻𝗴 𝗔𝗴𝗲𝗻𝘁 𝗙𝗿𝗮𝗺𝗲𝘄𝗼𝗿𝗸𝘀. Our CEO, Jason Haddix, will break down how autonomous agents are reshaping offensive security, where they actually work, (and where they fall apart), and what this means for real-world attackers and defenders. 𝘚𝘱𝘰𝘯𝘴𝘰𝘳𝘦𝘥 𝘣𝘺 XBOW. ➡ Save your spot today! 🔗 Registration link in the comments

We are having a blast working on this Hackbots course for you all 🤣 Looking like end of q2 since we've had to include refusal management and backup agent frameworks. Ty for being patient! @xssdoctor & @BadAt_Computers & I are hard at work making it something special🫶 arcanum-sec.com/training/hac…

Mine, @xssdoctor , and @BadAt_Computers ‘s AI hackbots this week: