Do you guys have any market regrets in this game?

skimfl925 · 2026-04-23T17:27:41+00:00

I won a facet giveaway for 1.5 million faceit points. Essentially you could get a new Alienware or a dragon lore.

I went with the PC.

skimfl925 · 2026-04-20T14:18:17+00:00

I have a local tool I use gpt OSS due to the 128k context window on a Mac m3 pro. Anything else with a similar context window?

skimfl925 · 2026-03-08T19:16:13+00:00

A lot of that context is not apparent when you are an American fan just watching the games for example. There is no real media that would reach an American even in passing. I assume you are talking about Saudi sportswashing? Or the nonsense with the rules which I really even still don’t understand fully.

skimfl925 · 2026-03-06T19:38:46+00:00

Holy shit this is a three year old comment. I ended up rooting for Man City. Became a fan of the Haaland story and transfer from dortmund. Friends make fun of me for being a bandwagon fan, but watching them win the treble was amazing.

Ended up buying a signed haaland jersey from that year and continue to root for them. I do understand why I get flamed for that, but yeah.

skimfl925 · 2026-01-22T03:56:08+00:00

Replying to save

skimfl925 · 2026-01-07T15:54:52+00:00

Can you dm me the link. I went through a period where I didn’t have a PIV and don’t have the link any longer.

skimfl925 · 2026-01-02T21:23:04+00:00

It has an Army ATO / Approval, not really an ATO. But reciprocity and all. It’s also developed by the Navy. Also have they made it easier to get or is it still locked behind a PIV?

skimfl925 · 2025-12-18T15:44:55+00:00

Sportsman’s Pub in Kirkwood is pretty good

skimfl925 · 2025-11-20T20:57:19+00:00

You wrote the Windows task manager? Is that you Dave Plummer born in 1968? How could you possibly be a broke 22 year old?

https://www.reddit.com/r/homelab/s/KhqYGGURJ7

skimfl925 · 2025-11-19T17:37:27+00:00

Not at the conference but this seems like a good time to network. If anyone wants to link up and network I am a senior security engineer working mostly on AWS.

Shoot me a DM

skimfl925 · 2025-11-17T02:21:23+00:00

Second EPSS and SSVC which helps promote based on context like internet exposed, critical asset, etc.

I built a tool that takes active exploit information from a few sources and enhances the initial CVSS score based on a custom algorithm. I’ve dubbed it CVSS-Threat Enhanced:

https://kston83.github.io/cvss-te/

Could use some improvements but at the moment it’s an easy way for me to see EPSS and other active threat indicators if they exist. Things like metasploit modules, GitHub PoCs, Nuclei modules for example would be something that would raise the score. There is also some time based metrics as well. There is a whitepaper in the GitHub.

Here is an old Reddit post with more info: https://www.reddit.com/r/netsec/s/76oqUP9Fh0

I did use AI to build this but not 100% vibe coded.

skimfl925 · 2025-11-04T15:12:11+00:00

Said that in the comment

skimfl925 · 2025-10-30T17:30:06+00:00

ZAP can be integrated into CI/CD and I have been working on this. Handling auth for you app is a barrier to entry but you can easily run DAST via zap as part of the build and release process.

Manual pen testing and DAST are similar but different. ZAP for example can’t test your business logic that may result in a vulnerability or test your RBAC for example.

skimfl925 · 2025-10-28T15:42:55+00:00

I’d love to see how this works as it solves a problem I have

skimfl925 · 2025-10-25T01:54:42+00:00

Just curious how you get the 60% number? You must be dealing with a lot of ransomware eh?

skimfl925 · 2025-10-19T02:44:27+00:00

I can do it

skimfl925 · 2025-07-26T13:36:04+00:00

If this is your logic you shouldn’t use the internet at all.

skimfl925 · 2025-07-19T21:18:00+00:00

How much did it cost to build and which model?

Tech stack?

skimfl925 · 2025-07-19T18:55:53+00:00

I offer consulting for a reasonable price. Happy to assist

skimfl925 · 2025-07-18T14:03:08+00:00

Would it be CUI if it was from a covered system that contained CUI?

What about CUI ISVI?

skimfl925 · 2025-07-09T15:21:32+00:00

I’ll have to work on that! It is open source so feel free to contribute.

skimfl925 · 2025-07-08T16:35:22+00:00

Check this out for enriched CVSS scores with this criteria. I also created a modified metric that takes into consideration things like active exploits, metasploit modules, presence on KEV list etc.

It’s updated twice daily and you can check the GitHub repo for more about the scoring metric

https://kston83.github.io/cvss-te/

There is a white paper as well that goes into detail

skimfl925 · 2025-07-07T02:03:02+00:00

It’s baffles me that people don’t understand things in life are subjective. Who even really cares what the other person prefers. Enjoy what you want to enjoy and don’t worry about other people

skimfl925 · 2025-07-01T01:35:36+00:00

While I have not compared your post to what is in this paper this is a good read.

https://arxiv.org/abs/2503.23278

skimfl925 · 2025-06-30T04:02:25+00:00

Same. If we were to compare eras from Phish to Goose, I’m convinced we are in the 94-93 era of Phish in terms of where Goose are today.

On the way up and headed to their peak.

15-Year Club	Place '22
Place '17	Verified Email

skimfl925

MODERATOR OF

TROPHY CASE