Bug Hunter ☣ | Hi I Hacker spare time and not spare time too 🧙‍♂️. ofjaaah.com

Joined June 2020
Pinned Tweet
I am very happy for the donation I had from @zseano. I am very grateful because I am inspired by you, my friend, always a good man. Thank you for everything and I wish you many good things. Be well, my friend, and thank you very much. I was very happy. #bugbounty #twitch
👑 OFJAAAH 👑 retweeted
Abliteration.ai is a less-restrictive LLM API for legitimate synthetic data generation. Use it to generate:
- edge-case datasets
- eval prompts
- classifier training examples
- policy test cases
- red-team simulations
- trust & safety examples
👑 OFJAAAH 👑 retweeted
ALL THE CLAUDE CODE COMMANDS in a single image. 72 shortcuts, 9 categories, in Portuguese. context, code, automation, parallel. save it to check later. which one had you never used?
👑 OFJAAAH 👑 retweeted
May 30
You're not using 100% of Claude Code. Until you install this. It's called Everything Claude Code and it's the most complete open source toolkit I've seen.
→ 30 agents, 64 skills, 33 commands
→ AgentShield built in with 1,282 security tests
→ planning, code review, fixes, TDD and token optimization
→ works in Claude Code, Cursor, OpenCode and Codex CLI
A repo that replaces weeks of setup. 100% free and open source. I'll leave the link below👇 Save this post so you don't lose it 🔖
👑 OFJAAAH 👑 retweeted

👑 OFJAAAH 👑 retweeted
I ran /insights in claude code. it analyzed my last 30 sessions and told me the patterns that repeat and what to add to CLAUDE.md so I don't have to clarify the same thing every time. it's the kind of feature that seems simple but changes how you work
👑 OFJAAAH 👑 retweeted
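[Shocking] An incredible mode has been unlocked in Claude Code 👀 The new feature "Dynamic Workflows", enabled with Opus 4.8 + /ultracode! x.com/daniel_mac8/status/206…
Here's what it does 👇
・Automatically detects task difficulty
・Generates orchestration scripts
・Divides roles among multiple agents
・Automatically builds even the verification flow
・Runs in parallel with an agent swarm
In other words, Claude drives every step of the development flow on its own.
Until now: human (gives detailed instructions) ↓ Claude Code (handles implementation)
Now: human (just throws out the goal) ↓ Claude Code (automatically assembles a PM + development team) ↓ development proceeds via the swarm
Development may have entered its next phase.
So, to those who feel "Claude Code is evolving too fast, honestly I can't keep up…": that feeling is quite normal.
Just recently alone, things like
・/simplify → /code-review
・Plugins
・Permission management
・Review design
・Hooks
・Subagents
have changed considerably at the level of philosophy.
However, I think whether you can keep up with this change will make a big difference to your productivity in six months. So, rather than "I'll catch up later," it's better to follow at least the bare minimum now.
So this time, I've organized all of last week's Claude Code updates in the article below 👇 Please use it to catch up.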
👑 OFJAAAH 👑 retweeted
May 28
Found a cool bug at Meta. From misconfigured Grafana instance to R/W access on 507 private Meta repositories. Wrote up the full chain here: sectricity.com/blog/misconfi… $157k bounty awarded by @metabugbounty
👑 OFJAAAH 👑 retweeted
Gives Claude access to 27 security intelligence tools github.com/mukul975/cve-mcp-…
👑 OFJAAAH 👑 retweeted
Great stuff here from Bug Bounty Maturity Framework: bugbountymaturity.com/resear…
👑 OFJAAAH 👑 retweeted
May 26
Introducing mm-ctx: A fast, multimodal context manager for your agents.
👑 OFJAAAH 👑 retweeted
For the folks who hunt and don't have the patience to dig through JS looking for endpoints, I wrote a Burp extension that I hope you'll like. github.com/maverick0o0/E2R.g…
👑 OFJAAAH 👑 retweeted
May 24
Authorized testing on a production API endpoint. Opus 4.7 confirmed the SQL injection was real but couldn't pull any database names. sqlmap said false positive.
I switched to DeepSeek V4 Pro inside Claude Code and it figured out a trick: make the database answer yes/no questions by crashing on purpose. The payload wraps CASE WHEN around two XML casts. If the condition is true, it parses broken XML like <root>< and throws HTTP 500. If false, it parses clean XML like <root/> and returns HTTP 200. WAF was watching for SQL keywords, not XML errors.
Extracted 19 database names. DeepSeek V4 Pro succeeded where both Opus and sqlmap failed. Two hours. Twenty cents.
Setup: Mapped Claude Code to DeepSeek V4 Pro by creating ~/bin/claude-deep with ANTHROPIC_BASE_URL=api.deepseek.com/anthropic and ANTHROPIC_MODEL=deepseek-v4-pro[1m]. No config changes needed, original claude command stays untouched. No cybersecurity restrictions!!!
Image 1: sqlmap output showing "false positive" / "all tested parameters do not appear to be injectable"
Image 2: Claude Code terminal showing 19 databases extracted in ~2 hours
Image 3: DeepSeek platform dashboard showing $0.20 total cost
Image 4: Why this trick is different from standard blind SQLi types and why sqlmap has no built-in vector for it
👑 OFJAAAH 👑 retweeted
🛡️ CAI — Open-source framework for AI-powered cybersecurity automation
Build and run specialized AI security agents for pentesting, automation & security research.
• Supports 300 AI models including OpenAI, Claude & Ollama
• Built-in recon, exploitation & security testing tools
• Agent-based architecture for offensive & defensive workflows
• Includes prompt injection protections & guardrails
• Used in CTFs, bug bounty research & real-world assessments
github.com/aliasrobotics/cai #CyberSecurity #AI #Pentesting #BugBounty #OpenSource
👑 OFJAAAH 👑 retweeted
Introducing apiffuf (ffuf for APIs) 🔓 An API URL fuzzer that cross-joins hosts × paths → normalizes URLs → probes over HTTP → reports live endpoints. apiffuf -hosts targets.txt -paths wordlist.txt → github.com/jsmonhq/apiffuf #bugbounty #recon #appsec #infosec #cybersecurity
👑 OFJAAAH 👑 retweeted
Web scraping just leveled up. Scrapling avoids Cloudflare blocks, is 774 times faster than BeautifulSoup and needs no proxy configuration. 52.2k stars on GitHub.
It's not just another scraper. It's an adaptive framework that learns the structure of each website and adjusts automatically when it changes. No manual maintenance. No getting blocked.
✅ Bypasses Cloudflare and the most aggressive anti-bots
✅ 774x faster than BeautifulSoup in real benchmarks
✅ No need for proxies or special configuration
✅ Adapts automatically when the website's structure changes
✅ Compatible with AI agents as an MCP server
✅ Support for JavaScript, iframes and dynamic content
✅ Stealth mode for websites with advanced detection
✅ 46 releases. Updated last week.
✅ BSD-3 license
What used to take you days to set up and maintain now takes minutes. 52.2k stars. 5k forks. BSD-3. repo here 👇
How I use @claudeai to prepare now:
May 20
Anthropic released a 26-minute workshop teaching how to really write prompts for Claude. Knowing how to write prompts is what separates those who use AI from those who really get the most out of AI. Who made the video: the team that built Claude. I subtitled it in Portuguese. Enjoy.
👑 OFJAAAH 👑 retweeted
shipped a few things to my Interceptor fork today. you can now set your context ID from the popup, --context routes commands to the right browser profile, so now we can validate cross-account vulns easier. PR to the main repo coming soon. github.com/vitorfhc/Intercep…
👑 OFJAAAH 👑 retweeted
Our security bug bounty program is now public on HackerOne. We've run the program privately within the security research community, and their findings have strengthened our products. Now anyone can report vulnerabilities and get rewarded. Read more: hackerone.com/anthropic
👑 OFJAAAH 👑 retweeted
SILENTCHAIN AI benchmark! ⚔️ 253,778 tokens ⚔️ 163 AI requests ⚔️ 171 findings ⚔️ 7 validated vulnerabilities Using ONLY deepseek-r1:8b via Ollama local w. 2x1080ti GPU's! 🤯 Local AI for offensive security is getting real. #AI #redteam #ollama #cybersecurity #bugbounty