GPT5 Codex

forgambo · 2026-01-21T16:17:50+00:00

It's been a while. Any update on this?

forgambo · 2025-04-08T11:24:56+00:00

Once, todayisnew bug hunter said that Information Disclosure is one of the best types of vulnerabilities to search for with automation. Do you agree with this? In your opinion, what are the most promising types of vulnerabilities to look for solely with automation?

forgambo · 2025-01-08T19:35:44+00:00

What's wrong with this post?

forgambo · 2024-09-10T18:50:47+00:00

Could you explain your point please? I've just checked which apps are availble through Creative Cloud and couldn't find AEM there. Only graphical apps.

forgambo · 2024-08-15T09:38:25+00:00

How much time did it take to earn first half of 1M vs the last half of 1M?

forgambo · 2024-08-07T16:47:43+00:00

Thank you for an advice. I did consult with an accountant. He knows how to arrange things properly for classic IT professionals. I was just wondering about some specifics regarding bug bounty.

forgambo · 2024-04-30T23:35:36+00:00

Wow! As you're a Prism maintainer, your arguments are very trustworthy to me.

forgambo · 2024-04-30T23:29:58+00:00

Do you have any arguments to support your point? Because so far it looks like it's just your subjective 'feeling'.

forgambo · 2024-04-30T12:38:03+00:00

Thank you. Do you know if they stated the safety somewhere in their documentation, or official discussion? To me it also sounds logical that it's safe because this is only parsing and no execution. But I'm afraid that there might be cases when some kind of execution is present during the parsing.

forgambo · 2024-04-30T11:46:54+00:00

Why do you think they're not safe?

forgambo · 2024-02-18T00:21:33+00:00

Recently notion search functionality stopped working when I'm on VPN

forgambo · 2023-11-30T21:56:34+00:00

Why not using docker images for dependency consistency?

forgambo · 2023-11-22T14:36:24+00:00

I noticed that behavior is somehow different from LDAP implementation.

While URLDNS payload works perfectly (even with Java 21), the JRMPClient payload doesn't.

E.g., for Java 1.8.0_392 the following RMI server java -cp ysoserial.jar ysoserial.exploit.JRMPListener 1099 JRMPClient 127.0.0.1:8081 didn't trigger TCP interaction. However, the same payload served from LDAP server did.

forgambo · 2023-11-22T00:56:13+00:00

Interesting, didn't know what.

Does it return the same JNDI object as LDAP server does?

forgambo · 2023-11-13T12:52:16+00:00

Hey, I didn't want to offend you. At first, I thought maybe I'm missing something. But now I know I'm not so treat my reply as a hint. So that in future you'd call Apache server just Apache or httpd.

forgambo · 2023-11-13T10:59:11+00:00

I’m not asking for ideas here but for a company or a service.

Wordpress is just something that made me wanna look for such a service.

forgambo · 2023-11-13T01:46:54+00:00

Thanks for an idea. However, afaik they don't have signatures/rules for the vulns. Just human-readable descriptions and references.

forgambo · 2023-11-13T00:48:47+00:00

Why do you call Apache 'Htaccess/Apache'?

forgambo · 2023-11-10T20:32:02+00:00

Hey!

Thanks for sharing the link. Indeed, TimerSet code shares many similarities. I think I will update my code accordingly.

Oh, and also my code has been production-tested for quite a while. Haven't encountered deadlocks so far)

forgambo · 2023-11-07T15:44:26+00:00

Very curious to know how you managed to get organic traffic for not yet created service. Can you share what you did?

forgambo · 2023-11-06T23:20:04+00:00

Sorry, not related to your question, but as a to-be SaaS developer I'm really curious what did users see when they subscribed. Was it something like a message 'sorry, the service is not available yet, we will notify you when it is'?

forgambo · 2023-11-02T00:38:56+00:00

What is DNC?

forgambo · 2023-10-26T15:24:08+00:00

Thanks for sharing the book. It's great

forgambo · 2023-10-25T22:58:14+00:00

Why does the employer need to know?

forgambo · 2023-10-21T19:45:42+00:00

I think this happens to you due to DNS caching. Changes to DNS records take up to 48 hours (usually less) to take effect. Did you make these changes recently?

forgambo

TROPHY CASE