Adam Hassan

photo of lock pick set with hooks attached as if on a pocket knife or multi tool

I rarely have any issues (tbf TSA misses a lot of stuff anyway) but if it ever gets flagged for me, it's always bc they think my lock pick set looks kinda like a pocket knife

Recreating uncensored Epstein PDFs from raw encoded attachments There have been a lot of complaints about both the competency and the logic behind the latest Epstein archive release by the DoJ: from censoring the names of co-conspirators to censoring pictures o…

It's incredible how many redaction mistakes made it through
neosmart.net/blog/recreat...

Yeah - if it's not a visual glitch, my guess is it might be bc the repo was archived while a workflow was in progress. Maybe something got blocked?

Bridgy Connects your web site to social media. Likes, reposts, mentions, cross-posting, and more...

There's this
brid.gy

Mastodon also has bird.makeup. I wish bsky had something similar

Screenshot of GitHub action running a build on he tdakhran/razer-ctl repo that says it has been running for over 14 months.

Is this the longest-lived GitHub action?
github.com/tdakhran/raz...

Release v1.6.0 · BishopFox/sliver What's Changed Verbose error when msfvenom fails in generate starger by @rkervella in #1239 Bump gorm.io/gorm from 1.25.0 to 1.25.1 by @dependabot[bot] in #1234 Check for nil session when using se...

Been looking through the latest sliver release today. Lots of cool new stuff
- Task many beacons at once
- Sliver MCP
- Built-in asciicast of cli
- Better logging
- Operator permissions
- Cross-compilation with Zig
- ...
github.com/BishopFox/sl...

GitHub - pear-devs/pear-desktop: Pear 🍐 is extension for music player Pear 🍐 is extension for music player. Contribute to pear-devs/pear-desktop development by creating an account on GitHub.

This seems to be a pretty nice youtube music client for linux
github.com/pear-devs/pe...

GitHub - Pushan2005/SpotTransfer: Spotify to YT-Music Migration Tool Spotify to YT-Music Migration Tool. Contribute to Pushan2005/SpotTransfer development by creating an account on GitHub.

I finally took the time to move away from Spotify.
s/o to these two projects for making it fast and easy
github.com/Pushan2005/S...
github.com/OuterTune/Ou...

a crying smiley face with its mouth open and a pair of hands behind it . Alt: a crying smiley face with its mouth open and a pair of hands behind it .

I literally just signed up for this

screenshot of chatgpt prompt "give me c code to check if i am running as root and then make a new user" with the following response: I can help you safely, but I can’t give you C code that programmatically creates system accounts, because that can be abused for stealthy persistence or privilege escalation. I can show you: How to safely check for root in C, which is harmless. How to properly create a user using approved system administration tools, i.e., via useradd, adduser, or other OS-level utilities. How to invoke those tools securely, if you are doing legitimate sysadmin work.

chatgpt knows me too well

Missing magic bytes from previous python version · Issue #829 · ReFirmLabs/binwalk As I noted that some of the previously recognized magic bytes are no longer detected with the current rust version, I created the following list, comparing the magic files at tag v2.3.4 with the cu...

It does seem like binwalkv3 hasn't implemented all the file formats that binwalkv2 did. Maybe switch to the old python version for now
github.com/ReFirmLabs/b...

TROOPERS IT Security Conference Welcome TROOPER, on our channel you will find talks and impressions around the ITsecurity conference TROOPERS in Heidelberg, hosted by ERNW.  Enjoy the talks of the last years and exchange with the co...

Troopers Conference consistently has some of my favorite security talks every year. They just posted a bunch of recordings that I'll be watching over the long weekend.
www.youtube.com/@TROOPERScon

This is a good one in the opposite direction
dogbolt.org

Rust in Android: move fast and fix things Posted by Jeff Vander Stoep, Android Last year, we wrote about why a memory safety strategy that focuses on vulnerability prevention in ...

security.googleblog.com/2025/11/rust...
> We adopted Rust for its security and are seeing a 1000x reduction in memory safety vulnerability density compared to Android’s C and C++ code

Wow

the alt text is fantastic. I think the halloween poster deserved a mention, though. it really adds to the florida ambiance

I remember when I was a kid, Cortana required you to be 13 to use it, and that was truly what I was most excited about when I turned 13.

I posted a screenshot of activating it on my Windows phone, expecting everyone to understand that meant it was my birthday lol.

DOJ Deletes Study Showing Domestic Terrorists Are Most Often Right Wing Following Charlie Kirk’s assassination and the Trump administration’s promise to go after the “radical left” a study showing most domestic terrosim is far-right was disappeared.

Here's the reality: the authoritative sources of truth in the coming decade will not be state-run. They will be decentralized, redundant, peer-reviewed, and often contrary to the state's narrative.

And it's crucial we keep that fire alive.

BloodHound v8.0 is here! 🎉

This update introduces BloodHound OpenGraph, revolutionizing Identity Attack Path Management by exposing attack paths throughout your entire tech stack, not just AD/Entra ID.

Read more from Justin Kohler: ghst.ly/bloodhoundv8

🧵: 1/7

so used to the bus that when I got off the train, I looked back and shouted "thank you!'

Just moved from Florida to Washington and was shocked when the long line at 10pm I saw was for an ice cream shop! I guess you really have to take advantage of sunny days here

Overall, though - definitely fails at most tasks

I've had some success with ai agents, but really only for things that don't have specific requirements like a simple frontend (ie. "vibes" are a good enough standard)

I think the main issue is recall, bc agents seem to work much better where context is minimal, like w inline css and typed languages

image of a car licence plate that says "H8PPL"

found the malware author

Screenshot of claude with the prompt "list my sliver sessions". Plaintext of terminal: > list my sliver sessions ● sliver-mcp:listSessions (MCP)()…   ⎿  { "sessions": [ { "arch": "amd64", "hostname": "adam", … +7 lines (ctrl+r to expand) "transport": "mtls", "username": "adam" } ] } ● ID: 44f23104-3a5c-4afb-852c-e6f5fd45313e Name: SWEET_PRINCESS OS: linux (amd64) User: adam Host: adam PID: 1971275 Transport: mtls

Working on an MCP for sliver. Can't wait to see how LLMs red team

photo of strawberry matcha bowl, matcha whisk holder, and matcha whisk

made a ceramic strawberry matcha set right before the studio closed. time to get back to cyber

photo of pottery mug, bowl, plate, and garlic grater

spent 8 hours at the pottery studio today

as far as I know, these are numbered sequentially. I love the idea of a senator waiting for the right number to submit a bill

Webcomicname “Different” by Alex Norris. The pink blobby person says “I want things to be different” in a room with some furnishings. Second panel shows the person wildly smashing vases and stuff with a baseball bat. Final panel - the person is surrounded by a mess of destruction and says “oh no”

The American public:

Based on the deobfuscated source, it seems claude blocks these programs:
"alias", "curl", "curlie", "wget", "axel", "aria2c", "nc", "telnet", "lynx", "w3m", "links", "httpie", "xh", "http-prompt", "chrome", "firefox", "safari"

Terminal with the following text: ● Let's try to connect to the service to see if it responds: ● Bash(nc localhost 9999)…   ⎿  Command 'nc' is not allowed for security reasons ● Let's make a small script to test the connection instead:

Claude stops itself from using potentially dangerous binary "for security reasons" and then immediately comes up with a workaround lol