IPinfo Free Geolocation API: Tools, Setup & Use Cases ⌘ Read more

I Built a Tool to Hack AI Models — Here’s What It Uncovered

Image

A few months ago, I was auditing a chatbot deployed inside a financial services platform. It used a mix of retrieval-augmented generation…

[Continue reading on InfoSec Write-ups »](http … ⌘ Read more

OCaml Web Development: Essential Tools and Libraries in 2025
Comments ⌘ Read more

Top Tools That Helped Me Earn $500 in 30 Days

Image

How I used these tools & commands to find bugs fast

Continue reading on InfoSec Write-ups » ⌘ Read more

☕Best Tool for Analyzing Java Files (90% of Hackers Don’t Know This)

Image

Free Article Link

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/best-tool-for-analyzing-java-files-90-of-hackers-dont-know-this- … ⌘ Read more

Hacking With No Tools: How to Break Web Apps Using Just Your Browser ️‍♂️

Image

Hacking With No Tools: How to Break Web Apps Using Just Your Browser 🕵️‍♂️

[Continue reading on In … ⌘ Read more

Top 8 Best Vulnerability Scanning Tools (2025 Guide) ⌘ Read more

Fx v36 - JSON terminal viewer
Hello Lobsters, I’m the author of a fx tool. I’ve been working hard past month to develop a new version of a fx with a lot of improvements and fixes. Please check them out.

Comments ⌘ Read more

Bug Hunting in JS Files: Tricks, Tools, and Real-World POCs

Image

✅Free Article Link

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bug-hunting-in-js-files-tricks-tools-and-real-world-pocs-b4d43dd41d8e?source=rss—-7 … ⌘ Read more

A tool to verify estimates, II: a flexible proof assistant
Comments ⌘ Read more

Business books are entertainment, not strategic tools
Article URL: https://theorthagonist.substack.com/p/why-reading-business-books-is-a-waste

Comments URL: https://news.ycombinator.com/item?id=43940747

Points: 500

# Comments: 233 ⌘ Read more

Bug Hunting in JS Files: Tricks, Tools, and Real-World POCs

Image

🗝️Free Article Link

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bug-hunting-in-js-files-tricks-tools-and-real-world-pocs-70406e3eb72e?source=rss—-7 … ⌘ Read more

Tool Review — TraceWeb.io Extension ⌘ Read more

A Must-Have Tool for Bug Hunters: Find Open Redirect Vulnerabilities on Linux

Image

Automate open redirection detection, save hours of manual testing, and level up your bug bounty recon game.

[Continue … ⌘ Read more

2025 Mobile App Pentesting Guide: Tools, Techniques & Real-World Examples ⌘ Read more

Building your own Atomic (bootc) Desktop
Bootc and associated tools provide the basis for building a personalised desktop. This article will describe the process to build your own custom installation. ↫ Daniel Mendizabal at Fedora Magazine The fact that atomic distributions make it relatively easy to create custom “distributions” is s really interesting bonus quality of these types of Linux distributions. The developers behind Blue95, which we talked about a few weeks ago, based their entire … ⌘ Read more

Bug Hunting for Real: Tools, Tactics, and Truths No One Talks About

Image

Let’s Skip the “Sign Up on HackerOne” Talk

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bug-hunting-for-real-tools-tactics-and-truths-no … ⌘ Read more

$1000+ Passive Recon Strategy You’re Not Using (Yet)

Image

Still using subfinder & sublist3r tools for finding assets while recon??

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/1000-passive-recon-strategy-youre-not-using-yet-164f5b1e … ⌘ Read more

Limits of Malware Detection ⌘ Read more

Run x86-64 games on RISC-V with felix86
If RISC-V ever manages to take off, this is going to be an important tool in RISC-V users’ toolbox: felix86 is an x86-64 userspace emulator for RISC-V. felix86 emulates an x86-64 CPU running in userspace, which is to say it is not a virtual machine like VMware, rather it directly translates the instructions of an application and mostly uses the host Linux kernel to handle syscalls. Currently, translation happens during execution time, also known as jus … ⌘ Read more

I’m with @andros@twtxt.andros.dev and @eapl.me@eapl.me on this one. But I have also lost interest in twtxt lately and currently rethinking what digital tools truly add value to my life. So I will not spending my time on adding more complexity to Timeline. Still a big thanks to you @prologic@twtxt.net for all the great work you have done and all the nice conversations both here and on our video calls.

I also fundamentally do not believe in the notion that Twtxt should be readable and writable by humans. We’ve thrown this “argument” around in support of some of the proposals, and I just don’t buy it (sorry). As an analogy, nobody writes Email by hand and transmits them to mail servers vai SMTP by hand. We use tools to do this. Twtxt/Yarn should be the same IMO.

@lyse@lyse.isobeef.org Hahahaha 🤣 I mean it’s “okay” every now and then, but what’s the point of having good clients and tools if we don’t use ‘em 🤣

Are “AI” systems really tools?
Comments ⌘ Read more

Top 5 Open Source Tools to Scan Your Code for Vulnerabilities

Image

These tools help you find security flaws in your code before attackers do.

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/top-5-open-source-tools-to-s … ⌘ Read more

Notation as a Tool of Thought (1979)
Comments ⌘ Read more

MCP Security: Tool Poisoning Attacks
Comments ⌘ Read more

How to Create a Botnet Using One Tool: A Proof of Concept for Educational Purposes Aspiring…

Image

Learn how attackers build and control botnets — safely and ethically — using … ⌘ Read more

5 Tools I Wish I Knew When I Started Hacking ⌘ Read more

@kat@yarn.girlonthemoon.xyz At the core, you need an ngircd.conf like this:

[Global]
    Name = your.irc.server.com
    Password = yourfancypassword
    Listen = 0.0.0.0
    Ports = 6667

    AdminInfo1 = Well, me.
    AdminInfo2 = Over here!
    AdminEMail = forget.it@example.invalid

[Options]
    Ident = no
    PAM = no

[SSL]
    CertFile = /etc/ssl/acme/your.irc.server.com.fullchain.pem
    KeyFile = /etc/ssl/acme/private/your.irc.server.com.key
    DHFile = /etc/ngircd/dhparam.pem
    Ports = 6669

Start it and then you can connect on port 6667. (The SSL cert/key must be managed by an external tool, probably something like certbot or acme-client.)

I’m assuming OpenBSD here. Haven’t tried it on Linux lately, let alone Docker. 😅

Seem like it’s a server-client thingy? 🤔 I much prefer tools in this case and defer the responsibility of storage to something else. I really like restic for that reason and the fact that it’s pretty rock solid. I have zero complaints 😅

Timeline of Evolution of Twtxt/Yarn.social:

• 2016 – Twtxt created by John Downey: plain text + HTTP = minimalist microblogging
  
• 2017–2019 – Community builds CLI tools, but adoption remains niche
  
• 2020 – Yarn.social launched by @prologic@twtxt.net with federation, threading, UI
  
• 2021–2023 – Pods sync, user mentions, blocking, search, and media support added
  
• 2024+ – Yarn.social becomes the reference Twtxt platform, with active federated pods

@kat@yarn.girlonthemoon.xyz pandoc is a joy! I haven’t used any Microsoft word processing tools since forever. They want a Word document? Pandoc to the rescue!

@movq@www.uninformativ.de there are many other similar backup tools. I would love to hear what will make you pick Borg above the rest.

What makes Slackware different?
I’m not entirely sure how to link to this properly, but what we have here is a simple, to-the-point text file describing some of the benefits of Slackware, the oldest still maintained Linux distribution. It’s still run by Patrick Volkerding, and focuses on conservative choices and simplicity over ease. I doubt I have to explain the benefits of Slackware to the average OSNews reader, but this simple little text file does serve as a great marketing tool. The fact it’s a … ⌘ Read more

@andros@twtxt.andros.dev how often do you send a private message on the Fediverse? How often do you send PGP/SMIME encrypted emails? Are there other tools that are more suitable for the task? If implementing direct/private messages on twtxt scratches an itch (you know, that hobbyist itch we all get from time to time), then don’t give up so easily. Worse comes to worse, and your feed becomes too noisy, people can simply unfollow/mute.

I really don’t care about direct messages here, but I might be on that bottom 1%!

@andros@twtxt.andros.dev Ahh I see 👌

@prologic@twtxt.net Yes, it is a security hole. All dm-echo messages are readable. I intend it to be a debugging tool. Maybe I can include a warning message. If many of you see that it is a serious problem, I can remove the links.

Fascinating read on the emerging Model Context Protocol — a new standard for integrating LLMs with agents and tools.

@lyse@lyse.isobeef.org Just needed to update the version of the tool I packaged as an OCI image 🤣

Add support for skipping backup if data is unchagned · 0cf9514e9e - backup-docker-volumes - Mills 👈 I just discovered today, when running backups, that this commit is why my backups stopped working for the last 4 months. It wasn’t that I was forgetting to do them every month, I broke the fucking tool 🤣 Fuck 🤦‍♂️

FreeDOS 1.4 released
With FreeDOS being, well, DOS, you’d think there wasn’t much point in putting out major releases and making big changes, and you’d mostly be right. However, being a DOS clone doesn’t mean there isn’t room for improvement within the confines of the various parts and tools that make up DOS, and that’s exactly where FreeDOS focuses its attention. FreeDOS 1.4 comes about three years after 1.2. This version includes an updated FreeCOM, Install program, and HTML Help system. This also includes i … ⌘ Read more

Windows 9x QuickInstall simplifies installing Windows 98
If you’re elbow-deep in ’90s retrocomputing and maintain a fleet of your own personal seemingly identical but definitely completely different Windows 98 machines, Windows 9x QuickInstall is tailor-made just for you. It takes the root file system of an already installed Windows 98 system and packages it, whilst allowing drivers and tools to be slipstreamed at will. For the installer, it uses Linux as a base, paired with … ⌘ Read more

Hi, So i made a little MVP registry crawler tool for twtxt. It now has a basic UI to play with. It has a somewhat full history back to about 2018-ish. Plus some interesting bits that were timestamped to earlier.

Find it here: https://watcher.sour.is

Code base is found here: https://git.sour.is/sour-is/xt

Microsoft releases Windows 11 roadmap tool to help make sense of Windows 11’s development
I’ve complained about the utter inscrutability of the Windows release process for a long time, with Microsoft seemingly using channels, build numbers, code names, date-based version numbers, and so on interchangeably, making it incredibly hard to keep track of what is being released when. It turns out even Microsoft itself started losing track, because it … ⌘ Read more

A maintainer’s guide to vulnerability disclosure: GitHub tools to make it simple
A step-by-step guide for open source maintainers on how to handle vulnerability reports confidently from the start.

The post A maintainer’s guide to vulnerability disclosure: GitHub tools to make it simple appeared fir … ⌘ Read more

Ironclad 0.6 released
It’s been a while, but there’s a new release of Ironclad, the formally verified, hard real-time capable kernel written in SPARK and Ada. Aside from the usual bugfixes, this release moves Ironclad from multiboot to Limine, adds x86_64 ACPI support for poweroff and reboot, improvements to PTY support, the VFS layer, and much more. The easiest way to try out Ironclad is to download Gloire, a distribution that uses Ironclad and the GNU tools. It can be installed in both a virtual machine an … ⌘ Read more

Iconography of the PuTTY tools
Ah, PuTTY. Good old reliable PuTTY. This little tool is one of those cornerstone applications in the toolbox of most of us, without any fuss, without any upsells or anti-user nonsense – it just does its job, and it has been doing its job for 30 years. Have you ever wondered, though, where PuTTY’s icons come from, how they were made, and how they evolved over time? PuTTY’s icon designs date from the late 1990s and early 2000s. They’ve never had a major stylistic redesign … ⌘ Read more

A 10x Faster TypeScript
To meet those goals, we’ve begun work on a native port of the TypeScript compiler and tools. The native implementation will drastically improve editor startup, reduce most build times by 10x, and substantially reduce memory usage. By porting the current codebase, we expect to be able to preview a native implementation of tsc capable of command-line typechecking by mid-2025, with a feature-complete solution for project builds and a language service by the end of the year. ↫ Anders Hej … ⌘ Read more

Porting the curl command-line tool and library with Goa
For more than a decade, we have a port of the curl library for Genode available. With the use of Sculpt OS as a daily driver as well as the plan to run Goa natively on Sculpt OS by the end of the year, the itch to also port the curl command-line tool became irresistible. Of course this is a perfect territory for using Goa. In this article, I will share the process of porting the curl command-line tool and shared library … ⌘ Read more

everoddandeven releases ‘Monero Daemon GUI’ v1.2.0
everoddandeven1 has released Monero node manager monerod-gui 2 version 1.2.0 Shadowness 3 with various upgrades, fixes and improvements:

Upgrade Electron to v35.0.0
Upgrade Angular to v19
Upgrade dependencies
TOR and I2P service
Private testnet tool
UI fixes and improvements
monerod settings fixes

Consult the Github repository2 for the complete changelog4, a demo … ⌘ Read more