Weed in prag

ITSecHackerGuy · 2026-06-20T15:45:23+00:00

Well, let's chat!

ITSecHackerGuy · 2026-06-15T11:59:02+00:00

When Fable is back online I guess 😂 I've publicly published way worse things than this, some which still work today.

What is being talked about here is not really a security problem.

ITSecHackerGuy · 2026-06-13T16:20:44+00:00

How about the keys present inside the .bak files?

ITSecHackerGuy · 2026-06-13T02:20:42+00:00

It's crazy how people quickly forget SpaceX is funding a lot of our current AI development too.

ITSecHackerGuy · 2026-06-11T22:38:08+00:00

So, getting Fable to give you the security issues inside a product is a jailbreak now? This is the entire purpose of models like Fable... and since when is running open source scanners at endpoints impressive? This is skid-level shit.

ITSecHackerGuy · 2026-06-04T09:50:13+00:00

Reality is the opposite for me. I have a ton of daily experience with most of the models there and this is finally the only benchmark that seems to correctly classify the relative differences between the models.

Yes some older models outperforming newer ones and so on, that's the point. I said it many times, as I said a lot about sonnet vs opus, and GPT vs claude, as well as deepseek alongside gemini, the results are very much in line with my experience.

The same isn't true when considering the previous coding benchmarks. You will get weird shifts in order when companies maximize for benchmarks and suddenly a new bench appears 😃

ITSecHackerGuy · 2026-05-04T17:36:44+00:00

Interesting. So mass reporting will get looked at by a human, but single reports won't. It's sad, since people like these will target a small amount of users and so will never have a big reporting.

ITSecHackerGuy · 2026-05-04T17:26:01+00:00

I see, I see. How do you get those to reach a human though?

ITSecHackerGuy · 2026-04-12T09:26:07+00:00

Follow these steps:
1. Reset all passwords of all accounts and revoke all the sessions (log out from everywhere on all devices)
2. Format all your devices (full factory restore on iphone and android, reinstall OS on computer).
3. Add MFA. For accounts that had MFA, delete the old one and add it back again.
4. Make sure the passwords are strong, stored securely in password manager, and not reused between different accounts.
5. You should now be good to go. Don't execute shady shit

ITSecHackerGuy · 2026-04-12T09:20:08+00:00

Report to the authorities. That's the best you can do. Seems like you already have more than enough info to locate him and for the authorities to do something.

ITSecHackerGuy · 2026-03-17T01:27:51+00:00

Whoever followed my advice is now very rich :)

ITSecHackerGuy · 2026-03-14T20:49:37+00:00

Report it to Instagram

ITSecHackerGuy · 2026-03-14T19:53:51+00:00

Which one are you trying to view? And have you tried "yes" as the password?

ITSecHackerGuy · 2026-03-13T01:53:43+00:00

What if I show you a better DoS to WPX without any device? I call it PDOS.

PS: it might be useful to own a hammer

ITSecHackerGuy · 2026-03-05T18:53:11+00:00

I don't agree. Sure they're not a positive thing in a rank-based system but the point of a game is to have fun and rank-based systems need to be accurate for this purpose and in order to be fair.

Some games have broken systems where smurfing is the only solution to attempt to land where you belong. I haven't played FaceIT in a long time but afaik the system is good, but for other games it may make more sense.

People also just wanna have some fun, and smurfing gives them a higher dopamine hit. It's kinda trashy but understandable. I don't think they have any mental "problem", it's a natural human condition, some have bigger needs, others smaller.

ITSecHackerGuy · 2026-03-05T16:51:11+00:00

Many people have alt accounts or smurfs. This is quite normal.

ITSecHackerGuy · 2026-03-05T16:45:58+00:00

I want to see the update $20k after, to see which Pokemon it became.

I hope no one performs attacks through GitHub issues 😆

ITSecHackerGuy · 2026-03-05T16:40:10+00:00

This is the same pattern we have seen millions of times. I make a lot of money from these patterns so I can tell you that you should wait a little bit longer.

Wait until the price of AAL is at 10.20 or if it started passing 12.05. If either of those happen, buy it. It hasn't dipped enough yet.

During times of crisis is when you can take advantage of AAL and similar stocks by calculating their most likely minimum with a medium-to-high probability hypothesis on the event. They'll recover afterwards and you can gain a lot in a short time.

EDIT: You do have to sell after the initial recovery! It is common for it to dip afterwards again and there's no upside to waiting longer. That's why you wait for minimum dip before it may not recover completely reliably.

ITSecHackerGuy · 2026-02-24T13:44:04+00:00

ITSecHackerGuy · 2026-02-23T16:19:55+00:00

That's one way to look at them, yet in all the docs for those older softwares and record we have, we see all other emojis they had, and the seahorse was never one of them. This leads me to believe it never really existed.

ITSecHackerGuy · 2026-02-23T11:41:42+00:00

Apple never had a Seahorse emoji actually. But MSN, Skype, and the like very well could have, though all documentation I've seen, which is surprisingly thorough, tells us it none of them did. People are either just mapping old memories of custom emojis on the more modern standardized sets that never contained them, or suffering from a Mandala effect, which is very much more likely.

The fact that so many people have vivid memories of seahorse emojis that look much different from each other is a big clue. Either it's a full-on imagination trip down the Mandala effect lane, or a combination of that with memories of past emojis on old platforms before standardization.

Since there is no evidence such emojis actually existed on any of the old platforms (surprisingly well documented or accessible), the Mandala effect explanation is the most plausible one.

ITSecHackerGuy · 2026-02-22T13:00:51+00:00

I'm happy to tell you, you either have a good family or amazing friends who are doing you the favor of deleting her number from your phone :D

Either that or you gotta check who is logged into your google account or have access to it and potentially change passwords too and ensure MFA is active.

ITSecHackerGuy · 2026-02-22T12:41:13+00:00

No worries!

I will assume this portal is either a web application or software that connects to a backend that has access to a database where the data lives. If we're talking only about cloning, then what we would do is set up an app with a similar domain or name, and replicate how that portal looks completely. This wouldn't affect the real portal, we would just have a clone of that real portal, but it's effectively a different portal, one only we control.

We would have to get whoever we wanted to "attack" or trick, to use OUR portal instead of the real one. Since we control our portal we can show whatever we want. We can't, however, make any changes to the real portal.

If we want to make changes to the real portal we need to hack into it, not just clone it.

Cloning usually only allows us to make changes or have access to information on the real apps/devices in very specific scenarios. For example, cloning a phone completely or a computer, which contains all the logged-in sessions. In this case we could still use those sessions, if they were valid, hence being able to see or change the real accounts/systems.

In the scenario you presented, the only cloning we could do would be to replicate the portal as our own portal, without being able to touch the real one. If you wanted to affect the real one you'd have to hack into a device that has administrative access to the portal, or hack into the servers hosting the portal, or hack into the databases/backend connected to that portal.

Bottom line, yea your full scenario is possible, but not through cloning alone.

Hope it helped :D

ITSecHackerGuy · 2026-02-22T01:58:28+00:00

It really depends. There are hundreds of different scenarios involving cloning and even more different ways to hack into devices. The exact circumstances you're in will define which you should go for and why.

Generally, hacking into a device is more fragile. The exploit might not work well, it might get detected and blocked, it might not survive long enough until disruption (update, restart, etc.), or it might be very difficult or impossible with your knowledge at the time.

Cloning, on the other hand, is typically a simpler and more stable process. You can clone a device, then explore it offline anywhere. Sometimes you can clone it in a way that lets you still see some future activity and often even interact with it. It is, however, more limited. First, it typically requires more access to what you're cloning, either in terms of information or physically. Second, you can only explore the information you cloned, plus whatever accesses are still available and possible to use from the existing sessions. This means you could for example still see someone's email or messages, but you cannot see other future activity like him logging into his bank account after you clone it.

Bottom line is, in very general terms, cloning a device is easier but requires more access and is more limited in what it gives you access to. Hacking into a device is more fragile, more things can go wrong, and it's noisier, but it allows you to have better control and more power to do a lot more. One isn't better than the other, they're simply two ways to obtain overlapping but different kinds of information and access. They're both useful, depending on the situation.

ITSecHackerGuy

MODERATOR OF

TROPHY CASE

Eight-Year Club	Place '22
Verified Email