singe.bsky.social
Hacker at Orange Cyberdefense's SensePost Team https://hello.singe.za.net/
389 posts 1,102 followers 692 following

Unsatisfied with merely relying on reFlutter to do its magic, Jacques dove deep to understand how Flutter's SSL pinning in Android works, and how to intercept it with Frida. sensepost.com/blog/2025/in...

Here is how I test my GitHub CI from the terminal! 💯 🌀 wrkflw — Validate and execute GitHub Actions workflows locally 🔥 Supports viewing logs, outputs, and execution details 🦀 Written in Rust & built w @ratatui.rs ⭐ GitHub: github.com/bahdotsh/wrk... #rustlang #ratatui #tui #github #automation

Finally getting to play with evilsocket's nerve. As usual he's provided a super accessible way to play with something that otherwise needs a lot more scaffolding. Here it is doing a code audit of jollyexec and producing six patches to correct the issues.

"Push harder than you think you should when something is very close to being exploitable. There is often a way." PREACH IT @rhynorater!!! www.bugcrowd.com/blog/hacker-...

Another example of a Windows 0-day found with PrivescCheck. Congrats to Compass Security for investigating the issue and exploiting it. 👏 blog.compass-security.com/2025/04/3-mi...

If only people were indeed using AI to be smarter, instead of using AI to avoid having to learn anything.

The S is for Security. How to use WinRMS as a solid NTLM relay target, and why it’s less secure than WinRM over HTTP. writeup: sensepost.com/blog/2025/is... PR to impacket: github.com/fortra/impac... Demo: youtu.be/3mG2Ouu3Umk

Amazing that despite numerous C2 comms to this IP from malware, it's still clean as a whistle on VT. So much for all that vaunted threat intel helping us clean up malicious comms. www.virustotal.com/gui/ip-addre...

passover starts at sundown, and for those who are unfamiliar, it’s a holiday that centers around surviving under the weight of oppression. we reflect on our survival of genocide, our struggles as refugees, and our takeaway is supposed to be that we have a duty to stand with the oppressed, always.

This is a very good point. I saw a ton of people on LinkedIn defend the Uber CISO after he got convicted… but almost nobody saying anything about Krebs.

This is really top-quality demystification; try to get 1/3rd of the way through it without wanting to write an LKM. www.muppetlabs.com/~breadbox/tx...

here’s a curse word free version of “look it up” as requested by countless teachers and librarians 🥰😘

The one simple trick to avoid > 75% of bad uses of AI that AI ethicists don't want you to know! Read a science fiction book and if your goal aligns with the bad guys in that book don't do it. -- Credit @stellaathena.bsky.social on the Bad Site.

🍿THC member on camera. A first. 😅 30 years of hacking - a perspective and a reflection. 📺 👉 Keep Hacking 👈 The next 30 years of hacking start today. ❤️ thanks @wwsul.bsky.social www.youtube.com/watch?v=sQVL...

TIL about rlwrap, which is a very convenient wrapper around readline that you can combine with "dumb" commands like netcat 🎁 For example, in order to run netcat with command-line editing, simply execute "rlwrap nc localhost 80". Easy, isn't it? github.com/hanslub42/rl...

I’m increasingly convinced that AI is less likely to replace junior hackers & more likely to replace the seniors who refuse to use it. Juniors are more open to experimenting with it, & are … cheaper. The wave of layoffs in security in 2023 targeted a lot of seniors due to cost.

Meta just dropped Llama 4 on a weekend! Two new open weight models (Scout and Maverick) and a preview of a model called Behemoth - Scout has a 10 million token context. Best information right now appears to be this blog post: ai.meta.com/blog/llama-4...

Burp AI is now available in stable! 🚀 You can now use Shadow Repeater - an AI-powered upgrade to manual testing! Use Repeater as usual, and Shadow Repeater will automatically generate and test variations, uncovering new attack vectors in real time. portswigger.net/research/sha...

That @staaldraad.conch.cloud, always ahead of his time. This time by 15 years.

So good. 🤡 @brendanvduke.bsky.social

Principles over politics ✊

The first person who invents a way to filter out X screenshots on here will become a skeet hero.

Doing the KCP Workshop at #kubecon and thought "it'd be really useful to have an isolated env to run all this code", one labctl command later, I've got a @iximiuz.bsky.social labs playground spun up and ready to go!

A Visual Guide to SSH Tunnels: Local and Remote Port Forwarding - Article by Ivan Velichko @iximiuz.bsky.social #Network #SysAdmin

Getting feedback like this is what motivates me to work, again and again, on my Burp Suite training course. Thanks @joaxcar.bsky.social ☺️

How to kerberoast without having to send a TGS-REQ🕵️‍♂️ rastamouse.me/kerberoastin... #infosec #cybersecurity #redteam #pentest #windows

Nice write up from Lesley. We have a cyber skills shortage - just not an entry level one. Which conversely means there’s less skill available to train the gap from entry to mid level.