solst/ICE
@IceSolst
Pentester turned seceng turned meeting canceller - https://hex.dance/ (-13$ ARR)
Here's a thread of every app I've built 100% with @cursor_ai using Claude. These are all fun side projects I've worked on in my free time over the last few months.
Misnamed functions should be a jailable offense. For instance, look at this emberjs function htmlSafe. It actually disables html escaping and makes you vulnerable to XSS, when you’d think it would be used to sanitize input. Absolute crime.
lol?
2.8M weekly downloads for a package instead of just calling Array.isArray()? Am I stupid
🚨 Breaking 🚨 The NPM package ‘is’ - with 2.8M weekly downloads - got hit by a supply chain attack. Attackers injected backdoor malware via hijacked maintainer accounts. This gave them full remote access to infected devices.
The hardest sticker I’ve ever seen was “I pet the bomb dog at defcon 31” which appeared mere hours after the bomb threat incident (can’t find photo of it)
Pre-blackhat vendor spam is unbearable. Do sales people know if you all do the same thing none of you get anywhere? My mailbox, linkedin, and phone have been DoS’d.
Nuclear take: bug bounty and exploit dev are supposed to be transitional jobs you grow out of. They get tediously repetitive, but more importantly do not scale. You can only work on a few bugs at a time, and spend time on minute details. You ideally learn to deliver value at…
We’ve established that ~70% of vulnerabilities are memory corruption. But that doesn’t mean most initial vectors of compromise are due to those vulns. We still struggle the most with the basics: forgotten unpatched servers, social engineering, no MFA. We love to talk about…
This guy single-handedly carried an entire generation of programmers, bless you Bucky

This is why I don’t believe Rust will reduce vulnerabilities. The language is atrocious and abstruse. Skill issue? Yes that’s exactly it, all vulnerabilities are quite literally skill issues. And having to rewrite working code in this atrocity of a language will not help at all.
After my recent news, many people have asked me: "Why not Rust?" Here's my answer:
> year 2077 (636 months into ai taking our jobs)
> open chrome (rewritten in rust)
> still have to manually press relaunch button
> open twitter (rust Bitcoin style)
> news of another fortinet rce
> open work laptop (windows rust edition)
> 17 evidence collection requests from…
Using @IceSolst card generator rn for checkout integration nobody use this card this one's mine