I just launched my first SaaS 🚀 It helps developers maintain their GitHub contribution streak automatically. Here’s the exact architecture behind it 👇 Frontend: React Backend: Convex Auth: Clerk Payments: Polar.sh Hosting: Vercel Thread 🧵 #buildinpublic #SaaS #indiehackers #webdev #startups

PortSwigger Web Security disclosed a bug submitted by @Kawakatz: hackerone.com/reports/371227… - Bounty: $5,000 #hackerone #bugbounty

your agent can search Twitter, Reddit, and GitHub for free - zero API keys, zero billing 😳 agent-reach is trending on github with 23K stars. it lets your AI agent read Twitter posts, browse Reddit threads, search GitHub repos, watch YouTube videos - all without paying for a single API subscription what your agent accesses for $0: - Twitter/X posts, profiles, and search - Reddit threads and comments - YouTube videos, metadata, and search - GitHub repos, issues, and profiles - 10 more platforms - all in one pip install what this replaces: - Twitter API: $100/mo for basic access - Reddit API: rate-limited free tier, expensive at scale - YouTube API: quota limits, pay for more - GitHub API: generous but still rate-limited why this matters: - most AI agents are blind to the internet because APIs cost money - this gives any agent real-time web access at zero marginal cost - perfect for research agents, content radar, competitive intel, market analysis how to set up (2 min): > pip install agent-reach > run: agent-reach doctor > connect it to your agent as a tool > done - your agent can now search the internet for free important: - uses direct parsing, not official APIs - no keys needed - works with claude code, cursor, aider, langchain, any agent framework - MIT licensed, fully open source - not for production web scraping at scale - use for agentic research and prototyping - 23K stars and trending - community vetted let your agent browse Twitter, Reddit, and GitHub for $0 while everyone else is paying $100 /mo for API access bookmark this before payying for extra api ↓ repo in comment

🇮🇳 India – 40 Million Indian Female Records Allegedly Exposed * A threat actor is advertising a dataset described as "40 Million Indian Female Data" on an underground forum. * The seller claims the database contains approximately 40 million records and provides sample entries as proof of possession. * Based on the visible sample, the dataset appears to include: * Full names * Mobile phone numbers * Email addresses * Physical addresses * Cities and states * Gender classification * Additional demographic and category fields * The exposed sample suggests the data may have been aggregated from multiple sources rather than originating from a single organization. * No verified attribution, source organization, or collection method was provided in the listing. * If authentic, a dataset of this scale could be leveraged for: * Large-scale SMS phishing campaigns * WhatsApp-based social engineering * Romance scams * Financial fraud * Identity profiling * Targeted advertising abuse * Credential-stuffing and account recovery attacks * Datasets segmented by gender are particularly valuable to threat actors conducting highly targeted fraud operations because they allow attackers to tailor lures and increase engagement rates. Analyst Note: Massive demographic datasets continue to circulate across underground communities, often being repackaged and resold multiple times. The primary risk is not always the data itself, but the ability for threat actors to enrich existing profiles by combining multiple leaked datasets into a more complete identity record. #DDW #Intelligence #India #DarkWeb

You can't miss reading these blogs, if you're a SR/Auditor : - blog.trailofbits.com/ - rareskills.io/blog - openzeppelin.com/research - blog.asymmetric.re/ - trustsec.xyz/blog - blog.sigmaprime.io/ - zellic.io/blog/ - cyfrin.io/blog - osec.io/blog/ - helius.dev/blog?category=res… - mixbytes.io/blog Save it anon, if you're an avid reader

Someone built an AI agent that searches Reddit, X, YouTube, HN, TikTok, Polymarket, and the web in parallel. Scores everything by real upvotes, real likes, and real money. Synthesizes it into one brief. In seconds. It's called /last30days. 28,700 stars on GitHub. You type one command. The agent fans out across every platform at once. Reddit threads. X posts. YouTube transcripts. Polymarket odds backed by actual money. HN comments. GitHub commits. It scores each source by what real people engaged with. An AI judge synthesizes the whole thing into one grounded summary of the last 30 days. Here's what it does: → Searches Reddit for top upvoted threads and comments on any topic, person, or company. → Pulls X posts and scores them by likes and recency. Not algorithmic feed. Raw signal. → Transcribes and searches YouTube videos. Finds what was actually said, not just the title. → Reads TikTok engagement. Surfaces what creators and communities are actually talking about. → Queries Polymarket odds. Real money bet by real people on what happens next. → Searches Hacker News. The technical community's unfiltered take. → Searches GitHub commits and PRs. What someone is actually shipping right now. → Runs all sources in parallel. Scores them against each other by engagement weight. → AI agent judge synthesizes everything into one brief. No raw dump. A grounded summary. → Zero config to start. Reddit, HN, Polymarket, and GitHub work immediately. → One setup wizard unlocks X, YouTube, TikTok, and more in 30 seconds. → Installs into Claude Code, Codex, Cursor, Copilot, Gemini CLI, and 50 agent hosts. Here's the wildest part: Google doesn't touch Reddit comments or X posts. ChatGPT has a Reddit deal but can't search X or TikTok. Gemini has YouTube but not Reddit. Claude has none of them natively. Every platform is a walled garden with its own API, its own tokens, its own auth. No single AI has access to all of it. Until you bring your own keys and bridge them with an agent. That's the unlock. Not one better search engine. A dozen disconnected platforms, scored against each other by what real people actually engaged with and bet real money on. Google aggregates editors. /last30days searches people. Perplexity Pro: $20/month. $240/year. ChatGPT Plus: $20/month. $240/year. You(dot)com Pro: $15/month. $180/year. /last30days: $0. Unlimited queries. Unlimited topics. Your API keys. Your agent. Forever. 28,700 stars. 2,431 forks. MIT licensed. MIT licensed. Self-hosted. Open protocol. Free forever. 100% Open Source. Github repo: github.com/mvanhorn/last30da…

🤯An AI security tool has 1st-place performance on security contests from just 1yr ago. Solidity-auditor v3 is out, FREE & Open Source. Thousands of Solidity developers are using the tool already. Upgrade your security baseline, use the tool🫡 pashov.com/solidity-auditor-…

Automated Polymarket bot with 4-layer risk protection github.com/MrFadiAi/Polymark…

Why hasn’t anyone ever mentioned the @praetorianlabs GitHub organization? Their tools are like a goldmine for bug hunting.

免费领 1 年 Cursor Pro，价值 $240🤩 继续给大家分享优质福利，这条专给还在读书的兄弟（不是学生的，转给你在校的朋友）。 在校大学生，用 .edu 邮箱通过 SheerID 验证，就能白嫖整整 12 个月 Cursor Pro，和花 $20/月的付费版一模一样： Claude / GPT / Gemini 全模型 Agent 多文件编辑，每月还白送 $20 模型额度。 不用信用卡，验证过了直接开通! 毕业前赶紧薅，截至2026.6仍旧有效！ 入口评论区自取！

10 GitHub repos so good they shouldn't be free. 1. AutoHedge An autonomous hedge fund built in Python with four AI agents: a director generates investment theses, a quant validates them, a risk manager decides position size, and an execution agent places orders. Operates live on Solana. With 'pip install -U autohedge', you can start trading immediately. repo → github.com/The-Swarm-Corpora… 2. Vibe-Trading A trading system using a Directed Acyclic Graph (DAG) model, featuring 64 finance skills and 29 preset specialist agent swarms. Includes analysis methods like Ichimoku, Elliott Wave, SMC, Black-Scholes, full Greeks, and risk parity. Its crypto desk provides liquidation heatmaps and token unlock tracking. You can observe agents debating strategies in real time. repo → github.com/HKUDS/Vibe-Tradin… 3. Fincept Terminal A Bloomberg Terminal replacement that runs on your laptop. CFA levels 1, 2, and 3 analytics. 20 investor AI agents (Buffett, Dalio, Soros). 100 data connectors, including Polygon, World Bank, and IMF. Bloomberg charges $24,000 a year. This is free. repo → github.com/Fincept-Corporati… 4. LibreChat Every model ChatGPT runs, plus Claude, Gemini, DeepSeek, and 20 more. Self-hosted. Native MCP support. You own the data, the history, the infrastructure. OpenAI charges $20/month to use their wrapper. This costs nothing to use your own. repo → librechat.ai/ 5. Open Higgsfield AI A self-hosted cinema studio with 200 AI models. Flux, Midjourney, Sora, Kling, Veo, GPT-4o, SDXL all in one interface. Text to image. Image to video. Cinema mode with pro camera controls. No subscription. Your data stays local. repo → github.com/Anil-matcha/Open-… 6. Open-LLM-VTuber A Live2D AI companion that runs offline, sees your screen, hears your voice, and never forgets. Inner thoughts are shown as a separate text layer, so you watch the reasoning happen before words come out. Pet mode floats it on your desktop. Swap the LLM in one config line. repo → github.com/Open-LLM-VTuber/O… 7. Claude Ads A free Claude Code skill that runs 190 audit checks across Google, Meta, YouTube, LinkedIn, TikTok, and Microsoft Ads. 6 parallel subagents firing at once. Consolidates into a single Ads Health Score ranked by revenue impact. Agencies charge $4,000 a month for this. repo → github.com/AgriciDaniel/clau… 8. Agentic Inbox Cloudflare just open-sourced an email client where an AI agent reads your inbox and drafts your replies. Runs entirely on Cloudflare Workers. Each mailbox lives in its own Durable Object. Your email never leaves your Cloudflare account. One click deploys it. repo → github.com/cloudflare/agenti… 9. Camofox Browser An open source headless browser that makes AI agents invisible to bot detection. Spoofs navigator properties, WebGL, AudioContext, and WebRTC at the C level. The browser does not look modified because it genuinely is not. Accessibility tree output drops token cost by 90%. repo → github.com/jo-inc/camofox-br… 10. Hyperframes HeyGen open-sourced a video framework that does everything Remotion does without React, without JSX, without teaching your AI agent a new format. The agent writes HTML. The framework renders MP4. GSAP, Lottie, and Three.js all work. Same HTML always produces the same file. repo → github.com/heygen-com/hyperf… These are not toys. Each one replaces a paid product you're still being charged for. Pick one. Install it. Plug it into your workflow. 100% free. 100% open source.

Korea’s #1-ranked hacker on HackerOne is back with a follow-up post! 👀 Hyunseo Shin (KU, 4th year) previously shared how he uncovered open-source 0-days using LLM agents. Now, he breaks down the AI-based vulnerability detection workflow behind those findings. Full post below 🔥 🔗 blog.cykor.kr/2026/06/Buildi… #CyKor #AI #hackerone

A 35-year-old marketer from Hong Kong quit his job and got deeply into AI. Using Claude, he made $360,000 in just ONE month. He built a perfect BTC price simulation engine with MiroFish. Claude as the algorithm's brain. $5,000-$15,000 profit per trade. I made $28,200 in 21 days copy-trading him. I've made the exact build guide. Giving It Free for 24 hours. To get it: 1. Comment "CLAUDE" 2. Like and Retweet 3. Follow me @codewithimanshu (Only then, i can DM you) You only need Claude a laptop 1 hour/day. The wallet that started this. His Polymarket handle: marketing101. A quiet joke about his old career. $366K all-time profit. Constantly fades the crowd because his simulation reads the market better than everyone else. I reverse-engineered his stack. Had Claude rebuild the same simulation engine. 20 minutes. Done. What the bot actually does: → Pulls live BTC data from Binance Coinbase Bybit WebSockets → Pulls closed order book depth most retail traders never see → Cross-references private OTC desk feeds for institutional flow → Feeds the entire context into MiroFish force-graph engine → Runs 10,000 simulation cycles before every single trade → Detects mispricing the moment Polymarket diverges from real BTC value → Executes when simulated edge exceeds 5% probability gap → Skips when liquidity thin, signal conflicts, or daily cap hits → Auto-rebalances position sizing based on Bayesian win-rate updates What makes this different from every retail bot: → Closed order book data, not just public Binance feed → Private OTC desk integration (institutional-grade alpha) → 10,000 Monte Carlo cycles per trade (most bots run zero) → Claude reasons over every signal in real time → Already elite alpha. Already public proof. Risk controls baked in: → Per-trade risk: half-Kelly sizing → Daily cap: 2% of bankroll → Auto-halt on 5 consecutive losses → Paper mode default. Live requires explicit flags. → Runs on local terminal. No cloud. No GPU. The setup checklist: → Polymarket wallet on Polygon. USDC funded. $500-$1,000 to start. → CLOB API key from docs of polymarket → Claude API key for the simulation reasoning → MiroFish setup (open source, 18K GitHub stars) → Telegram bot for live alerts The deployment path: → Generate the simulation engine with corrected prompt in Claude Code → Python 3.11 , virtualenv, pip install → Run paper mode for 7 days minimum → Need 200 trades, 75% win rate, 0 crashes before going live → Deploy to $5/month VPS for 24/7 uptime → Start live with $100. Scale after 50 live trades. The edge: → Not "guessing where the chart will go" → Pure fusion of AI MiroFish insane math on exclusive data → Profit captured from running 10,000 versions of every market reaction before the market moves The expiry date: → Polymarket detects whale convergence patterns → Closed order book data leaks into public feeds → Multi-simulation setups become standard → Window closes within 12 months He's not predicting the future. He's running 10,000 versions of every market reaction before the market moves. You're staring at charts hoping for a setup. He's running Monte Carlo simulations while you sleep. Don't want to build it? Copy his wallet directly with even $10: Polymarket is not legal for US residents. Check your country first. Save this post. Build the simulation engine this weekend. Start with $100. Scale on evidence. You Must Follow me @codewithimanshu, so i can send you DM.

A Brazilian college dropout moved into his parents garage and built a Polymarket trading bot using only open-source AI agents - it earned him $794,000 in 14 months. He didn't write a single line of code. Claude Opus wrote it all. The agent framework we're using is Hermes - open source, built by NousResearch (backed by Paradigm with $70M). His wallet: polymarket.com/@bonereaper?v… Wallet handle: Bonereaper. 40,266 trades. Total stack cost: $10/month. Here's how it actually works: The bot trades BTC 5-minute Up/Down markets on Polymarket. 288 windows per day. One trade every 81 seconds. The edge is Markov chain analysis. When BTC price enters a persistent directional state - math says the next bar continues up with probability p ≥ 0.87. The market doesn't know this. The market prices it based on emotion. That gap is the entire trade: Δ = p̂ − q ≥ ε → ENTER The stack: BRAIN - Claude Opus 4.7 via API. Reads signals, makes decisions, rewrites its own strategy nightly. BODY - Hermes Agent by NousResearch. Open-source. 100K GitHub stars. RUNNER - Hetzner VPS. $5.99/month. Runs 24/7. ALERTS - Telegram bot. Every trade pings your phone. Setup time: 30 minutes. No coding required. But the real trick is the nightly self-learning loop. Every midnight Opus reads the day's trade journal. Tags wins, losses, EV per Markov state. Then rewrites MIN_PROB and MIN_EDGE in the .env file. Yesterday it might have been MIN_PROB=0.87. Tomorrow 0.89. The week after maybe 0.91 if the regime tightens. The agent is measurably smarter after 50 trades. After 500 it's a different bot than the one you launched. You don't need to know how to trade. You don't need to know how to code. You need $10/month and 30 minutes. The bot does the rest. Claude does the thinking. You read Telegram reports in the morning, approve the next session, and go back to sleep. Save this if you want to dig in and understand it. Or just copy BoneReaper trades using this TG bot - his algorithm has been perfected over 14 months and literally has no equal: kreo.app/@cvxv666

ANYONE with a laptop can now access spy-grade surveillance tools for FREE. It's called OSIRIS, an open-source clone of Palantir $PLTR, the $324 BILLION intelligence company. It lets anyone WATCH every commercial flight, spy satellite, and CCTV cameras. It tracks military jets, detects GPS jamming, and maps active war zones. All updating LIVE, in ONE browser tab, free FOREVER. Governments paid Palantir MILLIONS per year for tools like this. The CIA's playbook is now public domain.

Here are 10 GitHub repos that quietly print money while you sleep. 1. Cal. com Open-source Calendly. Fork it, white-label it, sell to dentists and lawyers for $200/month. The founders hit $5M ARR in 3 years doing exactly this. Repo → github.com/calcom/cal.com 2. Plausible Analytics Privacy-first Google Analytics. Self-host it, resell to agencies for $50/month per client. Two founders bootstrapped this to 7 figures. Repo → github.com/plausible/analyti… 3. Ghost Open-source Substack with 100% margin. 1,000 readers at $5/month equals $60,000 a year. Forever. Repo → github.com/TryGhost/Ghost 4. n8n Open-source Zapier. Sell automation services for $500-$2,000 per setup. n8n raised $14M because the agency model behind it works. Repo → github.com/n8n-io/n8n 5. Supabase Free Firebase replacement. Build a SaaS in a weekend, charge $29-$99/month. They raised $116M for a reason. Repo → github.com/supabase/supabase 6. Medusa Open-source Shopify. Take 5% on every sale forever. Zero rev share to Shopify. Repo → github.com/medusajs/medusa 7. AppFlowy Open-source Notion. Sell self-hosted to enterprises worried about data privacy. They raised $30M because this market is massive. Repo → github.com/AppFlowy-IO/AppFl… 8. Coolify Open-source Vercel and Heroku. Charge developers $20/month to manage their deployments. Replace their $200 Vercel bill. Repo → github.com/coollabsio/coolif… 9. Listmonk Open-source Mailchimp. Send unlimited emails for the cost of an AWS bill. Resell to agencies at 10x markup. Repo → github.com/knadh/listmonk 10. Penpot Open-source Figma. Sell self-hosted design tools to agencies who refuse to upload client files to the cloud. Repo → github.com/penpot/penpot The difference between developers who build features and developers who build businesses is one decision. Pick one of these. Fork it this weekend. Ship it next week. The founders behind these repos already proved the model. Save this. Share it with the developer in your life who deserves to break free. 100% free. 100% open source.

ChatGPT Business is free for 2 months right now🎁. Not just discounted. Fully free for 2 months. US region only, from what I tested. Promo code: STRIPEATLASGPT4BIZ050126

lof web apps that are built by AI, it have .md and mostly 🔥 so any app you test, JSP / PHP / ASP Add for fuzzing the extensions ffuf -w /wordlist -u .com/FUZZ -e .md,.db,.txt,.xml,.sql,.7z,.zip,.tar.gz,.env it will take some time, but it will be back with very good results♥

Another One ☝️ The Power of Yandex Dork I found there Full AWS Container Credentials and AWS Execution ENV 🔥🔥🔥🔥 They want to see the Magic 🪄 I’m F**king ready 🚀🚀🚀 Big up @yamarajislitaf @Olamdeen @4osp3l @Shabosec Y-dork Never Fail 🔥🔥🔥

Supercell Messed up bad... 💀 Exclusive Player Icons, Sprays & Pins are now sold in the shop for EVERYONE! ☠️ Did you get a similar offer? 🤔