- Hive Five
- 🐝 Hive Five 147 - Take up space
🐝 Hive Five 147 - Take up space
Greetings from the hive!
Happy Diwali 🪔. I'm under the weather while writing this, so not much of an update from me.
Let's take this week by swarm!
🐝 The Bee's Knees
Take up space is a beautiful and powerful talk by Shirley Wu at React Rally 2023. A story about identity, burnout, finding courage, rekindling a dream, and settling into the discomfort of not knowing what comes next. YOUTUBE
Ruby on Rails: The Documentary. Ruby on Rails has one of the most faithful communities online, it also has one of the most controversial, rabble-rousing creators out there, Danish programmer, David Heinemeier Hansson — RoR was my introduction to building full stack web apps, so it always holds a special place in my heart. YOUTUBE
What types of DoS bugs will get you a bounty? A case study of 138 DoS bug bounty reports. YOUTUBE
AI Engineering 101 workshop. An introductory course for AI Engineers where you build 5 small projects covering GPT3 API Basics, Prompt Tooling and Memory , Code Generation with GPT4, Image Generation with Dall-E, Stability AI, Lexica, and Midjourney, Speech-to-Text with Whisper. YOUTUBE
Which Bee's Knees was your favorite? Reply with the number (#1, #2, #3, #4, or #5)!
Sponsor the Hive Five and reach a highly engaged community of engineers, security researchers, and ethical hackers who are at the forefront of the industry.
PentesterLab added 5 new intro videos to their Unix labs. TWITTER
XnlReveal v2.3 is a Chrome/Firefox browser extension to show alerts for relfected query params, show hidden elements and enable disabled elements. TWITTER
xnl-h4ck3r/knoxnl v2.4 is a python wrapper around the amazing KNOXSS API by Brute Logic. GITHUB
ZMap 4.0.0 RC1 introduces the notion of multi-port scanning, which has been a long requested feature. GITHUB
Intigriti has a new Head of Hackers, and it's none other than r0adrunn3r. TWITTER
Corgi is down 45 pounds. Let's go! TWITTER
STÖK leveled up. Happy birthday! TWITTER
d0nut received some banging feedback on his latest talk: "Compile-Time Authorization." Love it! TWITTER
Meg sharing her fitness goals and what she can't do...yet. Get some! TWITTER
bsysop reached the all-time top 14 on Bugcrowd. Congrats! TWITTER
Emily has three talented folks looking for work: a sysadmin, visualization engineer, and L3 helpdesk. TWITTER
How designers can create "secret missions" at work to increase impact — This can be applied to any role. YOUTUBE
Day in My Tech Life with Brie G. who's making 250k/yr as a BA/Product Owner. YOUTUBE
Aaron Francis talks about "Publishing Your Work" at Laracon US 2023 Nashville. In this inspiring session he shares the transformative power of sharing your work with the world. YOUTUBE
It’s important to remember that insert company is just a phase in people’s lives. At some point everyone currently working at insert company will leave. CRITTER
A nano pop quiz by Jack! Without looking it up, how do you copy and paste within nano? (using keyboard only.) TWITTER
STÖK on how easy it is to underestimate how much time and effort goes into quality content creation. TWITTER
jensec is the latest hacker to earn $1 million in bounties on HackerOne. TWITTER
A compilation of Bugcrowd's Bug Bash 2023 in Las Vegas, NV. YOUTUBE
Shubs regrets not trying out Caido sooner. Have you tried it? TWITTER
Usurping Mastodon instances (CVE-2023-42451). This blog post gives details about the GHSA-v3xf-c9qf-j667 vulnerability (for which GitHub issued CVE-2023-42451) and how it could be exploited. GITHUB
Adversarial Attacks on LLMs. Adversarial attacks are inputs that trigger the model to output something undesired. GITHUB
Navigating the Sea, Exploiting DigitalOcean APIs—a deep dive into the nitty-gritty of its role-based access control. IMPERVA
Plundering Postman with Porch Pirate. During one of their engagments, they observed a significant number of secrets being committed to Postman workspaces by the company's developers. MANDCONSULTING
The New Kings of Open Source AI (Oct 2023 Recap). Mistral is the new open source unicorn in town, top takes from the AI Engineer Summit, and our usual highest-signal recap of top items for the AI Engineer from Oct 2023. LATENT
TIL you can add a .png to the end of your GitHub profile link and it'll give you your profile picture. TWITTER
Jayesh shares their $16K ATO bug: "Always test unusual login flows by logging in with a 3rd party provider without sharing email with the target site." TWITTER
Justin answers the age old question: "How do you find high and critical impact vulns?" He says to start thinking bigger. TWITTER
Justin on building extensible tools that can interact with multiple products. TWITTER
Monke tells themself if they can't find bugs, it's just a skill issue and they need to be more creative. A great approach, but remember to be kind to yourself. TWITTER
Awesome accounts to follow. Randomly selected from my curated Twitter lists.
@inkdrop_app | Takuya aka devaslife | Maker of a Markdown note-taking app | 150k subs.
@HazanaSec | ʜᴀᴢᴀɴᴀ.
Dr. Julie on the benefit of spending just 30 minutes to plan you week. You'll be organized, prepared, and more effective. TWITTER
Thomas on generators of happiness: excercise, connection, and feeling helpful. TWITTER
Daniel on limiting or reducing scope. As Peter Thiel puts it: "If you have a 10-year plan of how to get [somewhere], you should ask: Why can’t you do this in 6 months?" TWITTER
9 ways to keep your home organized — Nothing groundbreaking but it's a continuous struggle for me still. YOUTUBE
Jason on time management: "Don't get better at managing your time, get better at eliminating obligations." TWITTER
Get $200 to try DigitalOcean. Level up your bug bounty game with the ultimate VPS solution. It's my go-to for all recon, automation, and even VPN needs. Get access to a comprehensive range of cloud resources, all at an affordable price.
7 anti-ego principles by swyx: "10 year career start with 10 day sprints." TWITTER
How to move your local AWS creds to IAM identity center. TWITTER
When a vim user makes a product: a spacebar peek — I don't even know what the product is, but I just had to share this. Keyboard shortcuts for life! TWITTER
githubnext/monaspace is a monospaced type superfamily with some modern tricks up its sleeves — I'm a sucker for fonts. I gotta catch 'em all' GITHUB
continuedev/what-llm-to-use is a perspective from the Dev+AI. The first choice you typically make is whether you are going to use an open-source or a commercial model. GITHUB
The television series Mozart in the Jungle reminds us of the beauty of being an amateur: "You say 'amateur' as if it was a dirty word. 'Amateur' comes from the Latin word 'amare', which means to love. To do things for the love of it." Source: Mozart in the Jungle JAMESCLEAR
Jack on not settling down and to thrive in mind and spirit. TWITTER
Chase talks about How To Be Yourself: "Be yourself, everyone else is already taken." YOUTUBE
Douglas on the under appreciation about the joy that comes with being a novice at something: "Enjoy it!" TWITTER
A reminder from Justin that you aren't rewarded for hard work. You're rewarded for creating something of value. TWITTER
Kepano on being in good hands: "[...] When I am in good hands I open myself to a state of curiosity and appreciation [...]" TWITTER
Lenny interviews Brian Chesky on his new playbook. Brian is the co-founder and CEO of Airbnb. Under his leadership, Airbnb has grown into a community of over 4 million hosts who have welcomed more than 1.5 billion guests across over 220 countries and regions. YOUTUBE
bald and bankrupt crossed the World's Deadliest Jungle: Darien Gap. YOUTUBE
Behind The Scenes Of Dragon's Den. Steven Answers The Top 10 Most Google'd Questions — I'm always fascinated with behind the scenes and a day in the life of content. YOUTUBE
Famous pickpocket Apollo Robbins demonstrates tricks of the trade. YOUTUBE
There is an art to lighting a smoker and keeping it lit so that it is available when acquired during a colony examination. A good smoker fuel burns slowly and produces a cool smoke. Soft rotten wood, wood chips, small pieces of kindling, or long pine needles are all suitable. Other useful materials are raw cotton fibers or compressed straw pellets. Avoid using any materials that have been treated with a fire retardant or chemicals such as insecticides.
This bee fact is brought to you by The Beekeeper's Bible: Bees, Honey, Recipes & Other Home Uses.
Subscribe to the Hive Five to read the rest.
Become a paying subscriber of the Hive Five to get access to this post and other subscriber-only content.
Already a paying subscriber? Sign In