MoEla @ShifraTech
Software Engineering & Security Research (Red Teaming) 🔜🔜 Youtuber soon... building @TalibAI_inc I mostly retweet to share with my future self and others 💖 youtube.com/@ShifraTech ring-2 Joined March 2019-
Tweets411
-
Followers44
-
Following781
-
Likes755
Guess ill move off of Vercel for (unpaid) personal projects at this point. I dont mind if people ask permission for this, and everyones free to make their own choices, but I am your funnel, not your product.
Hackers claim to have breached Gravy Analytics, a US location data broker selling to government agencies. They shared 3 samples on a Russian forum, exposing millions of location points across the US, Russia, and Europe. It's OSINT time! 👇
خلصت آخر كتاب ابتديت أقراه في 2024: Wiring the Winning Organization لجين كيم (The Phoenix Project, The DevOps Handbook, Accelerate) وستيف سبير (The High-Velocity Edge). الكتاب بيتكلم عن الإحساس اللي أحيانا بنحس بيه في الشغل: ليه كل حاجة بتاخد وقت طويل ومعاها مشاكل كتير، وهي مفروض تمشي أسرع؟ المؤلفين حددوا ثلاث مبادئ أساسية: • Slowification: بيشجعك تاخد وقت توقف فيه، تخطط كويس، وتتأقلم مع التغيرات بمرونة. يعني زي ما العربيات في السباق بتاخد pit stops علشان تزود البنزين وتصلح أي حاجة محتاجة. • Simplification: بيخليك تقسم الشغل لأجزاء صغيرة وسهلة الإدارة بدل ما تكون في مشاريع ضخمة ومعقدة. ده بيساعد الفريق يركز أكتر ويشتغل بكفاءة أعلى. • Amplification: بيهتم بإبراز المشاكل الصغيرة بسرعة قبل ما تكبر وتبقى صعبة التعامل معاها. يعني تكتشف المشكلات في وقتها وتحلها قبل ما تتحول لكوارث مستقبلية. وبيستخدموا ثلاث Layers: 1. Layer 1: جوهر شغلك (كود، مواصفات المنتج، تصميمات) 2. Layer 2: الأدوات والمنصات اللي بتعتمد عليها (software، معدات) 3. Layer 3: “social circuitry”—طرق القيادة، العمليات، والعادات اللي بتربط جهود الكل مع بعض “لما Layer 3 تكون wired صح، الناس بتاخد بالظبط اللي محتاجينه، في الوقت اللي محتاجينه فيه. مفيش ‘Is anyone handling this?’ — الشغل بيستمر بسلاسة.” الكتاب بيفكرنا إن المنظمات الفعّالة مش بس عن “الشغل بجهد أكتر” أو “full utilization” للأفراد، لكن عن تحسين نظام الشغل كله. لما تشوف نظام شغلك كله متكامل، بتشيل اللبس والتكرار، وفجأة الشغل بيتم بسرعة. لو حاسس إن فريق عملك دايمًا في وضعية hotfix أو غارق في تعقيد مالوش لازمة، Wiring the Winning Organization بيديك طريقة للخروج وبيساعدك تحقق انجازات حقيقية ومستدامة. أنصح بيه بشدة! 🚀
في الـ MACH ecosystem (Microservices, API-first, Cloud-native, Headless)، كل خدمة لها دورها وعزفها الخاص، بس السؤال: إزاي نخلّي كل الأجزاء تعزف بتناغم؟ هنا بيظهر مفهوم الـ Orchestration والـ Choreography. كل واحد فيه مزايا وعيوب، والمهمّ هو إمتى تستخدم ده أو ده. Orchestration: قائد الفرقة وعصاية المايسترو تخيل إنك في أوركسترا موسيقية رسمية. عندك مايسترو ماسك عصاية (الباتون) بيشاور بيها ويقول: “الوتريات الأول، بعدين الآلات النحاسية، والبيانو جهّز نفسك!” بالظبط ده اللي بيحصل في الـ Orchestration. فيه خدمة رئيسية مسؤولة عن تنسيق المهام: Central Brain: الخدمة دي بتبعت أوامر (Commands) لأي مايكروسيرفس مطلوب منها تنفذ خطوة معينة، وتستنى رد “تمام”، وبعدين تبعت الخطوة اللي بعدها. وده مميزاته: - وضوح في المتابعة: علشان عندك نقطة مركزية بتدير سير الطلب، تقدر تحدد فين بالظبط ممكن يحصل خطأ أو تأخير. - سهولة في تعويض الأخطاء: لو في عملية محتاجة تعويض (راجع تنفيذها أو تلغيها)، الخدمة المركزية قادرة ترجع لباقي الخدمات وتقولها: “كل واحد يرجع اللي عمله لو سمحت.” بس لازم ماتقعش في غلطة إنك تحوّل الـ Orchestrator لـ “God Service” يتحكم في كل تفصيلة، ويكون فعليًا مونوليث مقنّع. Choreography: رقصة الباليه الجميلة على الجانب التاني، الـ Choreography بتقولك: “خلّي كل خدمة عارفة دورها لوحدها.” زي فرقة باليه، كل راقص عارف هيعمل حركة معينة أول ما يسمع موسيقى أو يشوف إشارة من الباقيين. - Event-Driven: أي خدمة تعمل Event، والخدمات التانية اللي يهمّها الحدث ده، تشتغل بناءً عليه، من غير ما تستنى أوامر من خدمة مركزية. - مرونة عالية: الخدمات دي مستقلة جدًا عن بعضها، وبالتالي تقدر تتطوّر أو تتغير أسرع. - صعوبة في المراقبة: لإن ما فيش حد ماسك العصاية، محتاج حل قوي للـ Logging والـ Observability، وإلا هتفضل تسأل: “مين السبب في اللخبطة اللي حصلت؟” الحقيقة إن كتير من المشاريع بتستعمل الاتنين مع بعض، لأن كل جزء في السيستم ممكن يناسبه أسلوب مختلف. في النهاية، الهدف هو إن فرقتك الموسيقية (Microservices) تعزف بتناغم حلو، سواء كان عندها مايسترو بعصايته في وسط القاعة، أو بتسمع إشارات بعضها زي فرقة باليه. المهم ما تتحولش لحفلة وفوضى ! المصدر: ninetailed.io/blog/microserv…
We have all heard about attackers leveraging firewall policies or WFP to block EDRs from communicating with their servers. Today I am releasing a @HuntressLabs blog talking about how to mitigate that tampering technique within EDR products: huntress.com/blog/silencing…
this is interesting, instead of installing all root certificates, Windows install the bare minimum and lazy load the rest as requested. This ensures that certificates that are later rejected don’t make it into offline installations. Plus it keeps the OS footprint smaller, there might be websites that you never visit so why have their cert. This might explain why every time you visit a tls website with a new root certificate, Microsoft first check its local store, if it’s not there it checks its online store. If it is in its online store and it’s not revoked or expired it is downloaded and cached in the local store. So next time you don’t have to do that.
very cool to see a pretty exhaustive and extensive technical report on llama-3.1! a few fun snippets 🧵
I recorded a full tutorial on how to build a RAG application using open-source models. It's almost 1 hour. Step by step. I explained everything as if you were 5 years old.
The xz package, starting from version 5.6.0 to 5.6.1, was found to contain a backdoor. The impact of this vulnerability affected Kali between March 26th to March 29th. If you updated your Kali installation on or after March 26th, it is crucial to apply the latest updates today.
What a week, huh? 1. Mojo 🔥 went open-source 2. Claude 3 beats GPT-4 3. $100B supercomputer from MSFT and OpenAI 4. Andrew Ng and Harrison Chase discussed AI Agents 5. Karpathy talked about the future of AI ... And more. Here is everything that will keep you up at night:
here’s a fun fact: almost all modern computer systems depend on a single time zone database that gets updated when local laws change it’s maintained by two people
It's pretty much everywhere - sqlite.org/mostdeployed.h…
For the past few months, I have been learning about internals of databases. I found many excellent articles on writing compilers, but I could not find many practical resources for databases. So I wrote one. CaskDB is the project I wish I had started with. github.com/avinassh/py-ca…
Lots of analysis of the xz/liblzma vulnerability. Most skip over the first step of the attack: 0. The original maintainer burns out, and only the attacker offers to help (so the attacker inherits the trust of the project built by the maintainer). Read their words👇🏻 1/
@windsheep_ Check out this blog for more details, I am still analysing this part! wiz.io/blog/cve-2024-…
LoRA adapters are revolutionary. They have changed how we fine-tune and serve models. Unfortunately, most companies haven't realized it yet. TL;DR: Companies can now start shipping fast and affordable models that can provide a personalized experience to customers. A company has two options when deploying an LLM: • Build a general model that works for all your customers • Build a personalized model for each of your customers Personalized versus general. Everyone knows that quality comes from specialization. Unfortunately, companies cannot fine-tune and serve a custom LLM for each customer. This would be too costly to even consider. And that's where most conversations end. But they shouldn't. I've talked about parameter-efficient fine-tuning before. Specifically, I've written about LoRA and how it helps fine-tune a model for a fraction of the cost. But the beauty of LoRA goes beyond efficiency: LoRA works by creating and training a separate, small adapter. LoRA doesn't modify the original model. You can use multiple adapters with the same model to accomplish different tasks. A company with 100 customers can't fine-tune and serve 100 large models, but they can train a LoRA adapter for each. These adapters are small, and training them is affordable and fast. When serving the models, the company will use the large model and the appropriate adapter to provide personalized results to the customer. They can switch between these adapters while keeping all of them in the same GPU. This is amazing! Serving 100 fine-tuned or traditional models would require 100 GPUs. Serving 1 model with 100 adapters would require a single GPU. If you aren't using LoRA, you should look into it immediately. Unfortunately, fine-tuning your model with LoRA is not straightforward. That's where @monsterapis comes in with their efficient no-code LoRA/QLoRA-powered LLM fine-tuner. To my knowledge, this platform offers the most advanced and efficient way to fine-tune and deploy open-source Large Language Models. They partnered with me and gave me 10,000 free credits for anyone who uses the code "SANTIAGO" in their dashboard: monsterapi.ai/signup If you want to read their latest updates, get free credits and special offers, join their Discord server: discord.com/invite/mVXfag4…
What makes this demo so special is that it's almost entirely server-rendered HTML. The browser is powering the animations entirely through Astro's View Transition API (with fallbacks for browsers that don't yet support it)
NEW: Last week, we @citizenlab captured a "zero-click" exploit used to install Pegasus on the latest version of iOS, 16.6. The exploit installed Pegasus without any interaction from the victim, and was virtually invisible citizenlab.ca/2023/09/blastp…
Riley Davis @daviss_riley
43 Followers 2K Following Bio: Helping High Earners swap Tax Bills for Solar Assets. 📉 Stop losing 50% to the IRS. 📈 Start building 25-year cash flow. Strategies used by Family Offices
EmpressAbigailWilson @HuebSX6f56PJ97K
15 Followers 1K Following Making magic happen, one day at a time.
Irheekiew @Irheekiew03504
15 Followers 523 Following
Pisie @Pisie730
33 Followers 1K Following
De Oppresso Liber Sha... @talibShahbaz2
3K Followers 3K Following Doug Ducey's DCS criminal master ring.Challenge jurisdiction they typical do not have any.Challenge these police,fake judges,& elected officials! #JD36739
Vishal Jain 🇮🇳 @JAINSONVISH
1K Followers 7K Following 🚀 Founder & CEO at Leads21 | Former Project Manager & SDR with @alxberman 🌍 Proudly served 500+ companies worldwide 📈 Follow for Free Valuable Content
halotrixzdj @halotrixzd77619
1 Followers 6 Following
PoppyReynolds @139g527900eFJLe
46 Followers 965 Following
Noollemmeau @noollemmea60619
71 Followers 3K Following
Geshayshough @geshayshou88214
39 Followers 2K Following
qqije618iodr @men87grzpc
16 Followers 427 Following
Mohamed Hashem @MohamedHashemXO
5K Followers 2K Following Senior Frontend Engineer | ex @Microsoft | Building AI Agent Platform 🤖 | Session Lead @Udacity | CS Instructor 🧑💻| Swimmer🤿| Padel 🎾 #react #frontend #ai
civil sparks @civilimpact
1K Followers 7K Following deep weaving social impact x web3 - contributed @nftfsg @regensunite @changecodeio @regencoordinate @publicnouns & more - main: @civilmonkey
Rand0mSv @SvEr35866
54 Followers 7K Following
DESMOUND @olaniyiAbolari3
84 Followers 1K Following
deven @_deven___
218 Followers 758 Following witnessing the magic (preagi)! 🪄 ~ opinions and posts are my own.
Omar @Omar87030554
5 Followers 4K Following
bmwnews @bmwnews2
145 Followers 5K Following
Allen Sanford @_san4d
63 Followers 908 Following Trying to simplify how families manage finances — starting with mine. Founder of @sabal_finance. Posting on https://t.co/YDgxuG6dCh.
Talib AI @TalibAI_inc
1 Followers 1 Following We Develop AI Assistants for Schools, Teachers & Students, That helps you to leverage your own documents. Product by @ShifraTech
^^ @f_6oo_ma
3 Followers 60 Following
λ².Ρεζζα⁴ �... @Hellrezza1
57 Followers 2K Following Life is Hell. Hell is Heaven Am Thinking a little LESS. Am Living More
HDG ZERO @hdg_zero
15 Followers 77 Following
YT | bill2424 @JZorlob_MILO
206 Followers 2K Following LOTS OF Natural Pain for real life xp and digital pain for glory!!! a small programmer/tiktoker,youtuber..wants to help people!
Cthulhu ( ;,;) @Cthulhu_Answers
15K Followers 6K Following ( ;,;) 🌮 🐙 ⛤ Gravitic Propulsion Engineer, Threat Landscaper, Eldritch Historian, Defcon TentacleOps, Xitter Mall Cop #CoT
Bugeyes.1956 @1956Bugeyes
174 Followers 834 Following Jesus lover. Skeptic. INFJ. Retired IT professional. Airbnb Superhost. Vegan. #NormalMeansAverage #ApteraEvangelist you/me/us
BowTiedTrain @BowTiedTrain
156 Followers 2K Following
heccnorris @hacknorris3
136 Followers 279 Following js and python dev | ios and android modder | linux over windows ;} dms always open expect memes, personal thoughts, retweets and yelling at laptop...
Kate Drawdy @GummoXXX
18K Followers 3K Following Created Hackers Podcast (2014) | Mined 180,000 Bitcoin | University Speaker | Retired Black Hat Hacker | Cybersecurity | Quantum | Mulher | Creator of NeverCast
karupasamy @karupasamy1
196 Followers 4K Following
WearyAndroid @wearyandroid
7K Followers 6K Following 🥇Top 50 on #tryhackme 🥇 Aspiring infosec pro & ethical hacker Sharing progress on #HTBAcademy #BlueTeamLabsOnline #pentesterlab #tryhackme #infosec newbie
Fl4sha @1Fl4sha
21 Followers 524 Following
omerbt @3moorbt
20 Followers 76 Following CSE student who is currently learning web development and please don't ask why XD, You can join me in my journey #100daysofcode
Bounty Security @BountySecurity
19K Followers 10K Following Offensive Web Application Security Software
THE H4unt3d Hacker (o... @H4unt3dH
668 Followers 321 Following Haunted Hacker is a podcast we started this year. Its based on my experiences with manipulating systems, networks, websites etc. I have a background in SIGINT.
Rahul Nikhare @Rahul_nikhare_
7 Followers 228 Following
David Cramer @zeeg
33K Followers 758 Following fractional executive, full time founder @sentry https://t.co/quHCKoIxj2
Mitchell Hashimoto @mitchellh
213K Followers 146 Following Creator of Ghostty. 👻 Prev founded @HashiCorp, created Vagrant, Terraform, Vault, and others.
GrapheneOS @GrapheneOS
127K Followers 0 Following Open source privacy and security focused mobile OS with Android app compatibility. Forum, Discord and Matrix: https://t.co/C0RaJbZosj
Yossi Oren יוסי �... @yossioren
881 Followers 111 Following Associate Professor at @bengurionu. Implementation security and side-channel attacks. Looking for students! 🔨🖥🐪🇮🇱
William @kleptographic
1K Followers 190 Following cryptography PhD student @NYU_Courant, defund @dicegangctf, 𝘩⁺
Maher Azzouzi @maherazz2
1K Followers 412 Following
Markus Wulftange @mwulftange
3K Followers 210 Following Principal Security Researcher and Pâtissier at @codewhitesec
Khoa Dinh @_l0gg
2K Followers 117 Following
CODE WHITE GmbH @codewhitesec
7K Followers 44 Following Red Teaming. Security Research. Continuous Penetration Testing. Threat Intelligence.
Ilya Grigorik @igrigorik
70K Followers 336 Following Distinguished Engineer, @Shopify. On a mission to make commerce better for everyone.
Predicta Lab @PredictaLabOff
9K Followers 293 Following Official account of Predicta Lab. Fight disinformation since 2020. Contact us at [email protected] Our articles 👉 https://t.co/LNUm9UOq2H
Mohamed Elsherif @Bashmohandes
53K Followers 3K Following Father. SW Architect @Apple, Host of @AskDevPodcast. #بابا_المجال 🇪🇬🇺🇸
AbuMuslim (أبومُ... @m19o__
10K Followers 3K Following Hacking stuff, building stuff, and occasionally explaining it on stage. Organizer @BSides_ABQ. Board @OWASPEgypt. R&D @aivillage_dc. YT @CyberDose_. Coffee++.
Glen Maddern @glenmaddern
10K Followers 756 Following 🛠️ New stuff @ NVIDIA ⏪ MCP @ Groq, D1 & Pages at Cloudflare, styled-components, CSS Modules, Frontend Center, JSConfAU
React Paris Conf' -by... @BeJS_
2K Followers 5K Following https://t.co/Ntp1Rb9YLu 🦋 https://t.co/YtYOYXiU0I
Elian @ElianCodes
2K Followers 453 Following CTO @ Vulpo | DevRel @ReactBricks | @astrodotbuild Maintainer | @devs.gent meetup organiser | @BeJS_, @BrusselsReact, #ReactParis and #ReactAfrica organiser
Aymen Ben Amor @Aymen_Ben_Amor
1K Followers 5K Following Front-end engineer, JS geek and a React enthusiast. Founder of BeJS (https://t.co/JRblzLUv3F). Org https://t.co/9s1i7g0rt6 / https://t.co/66b1QEBwxK / https://t.co/qzWKx3OJBQ
Dominik 🔮 @TkDodo
57K Followers 411 Following Maintaining TanStack Query • blog at https://t.co/tqjsQfMvyp • Software Engineer @getsentry • ReactJs • TypeScript • 🇦🇹 Vienna, Austria • Father of two 👧👦
DevOps on Azure @AzureDevOps
96K Followers 361 Following Deliver innovation faster with simple, reliable tools for continuous delivery. Official handle of Azure DevOps at Microsoft
Dev Agrawal @devagrawal09
15K Followers 2K Following He/Him Content Creator Core team, @solid_js Core team, @ripple_ts https://t.co/bqdpqbhC3v https://t.co/TyM2hVenFb
fks @FredKSchott
27K Followers 1K Following @astrodotbuild co-creator • @flueai creator • ex-CEO of HTML
GSAP @greensock
38K Followers 915 Following GSAP is an industry standard JavaScript animation library from GreenSock. Craft high-performance animations that work in every major browser.
George Kurtz @George_Kurtz
150K Followers 459 Following President & CEO CrowdStrike, Former CEO of Foundstone, Former CTO of McAfee, and author of Hacking Exposed
Nihal Pasham @npashi
1K Followers 124 Following 🦀 Rust Tech | @Nvidia | Make general purpose GPU programming accessible 🖖 Disclaimer: The views, opinions expressed are my own (not my employer's)
Urban Hacker @realUrbanHacker
2K Followers 330 Following A shadowy #cybersecurity consultant & #gamedev The last great colonizer, I visit very unusual places Pathological Altruist / Misinfluencer
Juliano Rizzo @julianor
10K Followers 2K Following Crypto. Security. BEAST/CRIME SSL/TLS, Padding Oracle Attacks. CEO & Founder @coinspect
Anthony Weems @amlweems
3K Followers 272 Following Cloud Vulnerability Research • The opinions stated here are my own, not those of my company.
Justin Tunney @jartine
43K Followers 370 Following I built a C library that lets you compile 12kb static binaries that run natively on Linux, Mac, Windows, FreeBSD, OpenBSD, NetBSD and BIOS using just GCC/Clang.
v @iavins
13K Followers 2K Following breaking databases @tursodatabase. W1 '21 @recursecenter excited about databases, storage engines and message queues
Nino Floris @NinoFloris
541 Followers 835 Following Founder, helping communities thrive @ https://t.co/sRiCRMpYID. 'Edgy' OSS guy on the side ;)
Rob Mensching @robmen
3K Followers 92 Following @firegiantco CEO & Co-Founder | Benevolent Dictator of @wixtoolset | https://t.co/Irqq1LMRJj for more information
Thomas Roccia 🤘 @fr0gger_
35K Followers 2K Following Founder @SecurityBreakAI AI Security x Threat Intel · Threat Researcher · Creator of #Unprotect & #NOVA · Python 🧡 · Prev @Microsoft @McAfee_Labs
Ahmad Alfy @ahmadalfy
33K Followers 2K Following Engineering @robustastudio. Muslim - Father - Husband - Son. @GoogleDevExpert in Web UI - CEO of @htmx_org Tweet in AR / EN
Ahmed Farghal @AhmedSoliman
39K Followers 2K Following Founder @restatedev. Ex-Stripe and Meta. Distributed systems, politics, and more. https://t.co/ggSkVPTxxD Posts in Arabic and English.
TANSTACK @tan_stack
64K Followers 103 Following Open Source Software for the modern web, apps, and AI






























