HackerTrans
TopNewTrendsCommentsPastAskShowJobs

tkp-415

no profile record

Submissions

Show HN: ShopLurker - An ecommerce aggregator

shoplurker.com
1 points·by tkp-415·5 माह पहले·0 comments

Instagram's URL Blackhole

medium.com
311 points·by tkp-415·5 माह पहले·48 comments

Show HN: Finding similarities in magazine covers (updated)

shoplurker.com
1 points·by tkp-415·5 माह पहले·0 comments

Show HN: Finding similarities in New Yorker covers

shoplurker.com
18 points·by tkp-415·6 माह पहले·8 comments

comments

tkp-415
·4 माह पहले·discuss
Process substitution is a new concept to me. Definitely adding that method to the toolbox.

It'd be nice to see exactly what the bugbot shell script contained. Perhaps it is what modified the dangerously_disable_sandbox flag, then again, "by default" makes me think it's set when launched.
tkp-415
·5 माह पहले·discuss
My first use case of an LLM for security research was feeding Gemini Semgrep scan results of an open source repo. It definitely was a great way to get the LLM to start looking at something, and provide a usable sink + source flow for manual review.

I assumed I was still dealing with lots of false positives from Gemini due to using the free version and not being able to have it memorize the full code base. Either way combining those two tools makes the review process a lot more enjoyable.
tkp-415
·5 माह पहले·discuss
Can anyone point me in the direction of getting a model to run locally and efficiently inside something like a Docker container on a system with not so strong computing power (aka a Macbook M1 with 8gb of memory)?

Is my only option to invest in a system with more computing power? These local models look great, especially something like https://huggingface.co/AlicanKiraz0/Cybersecurity-BaronLLM_O... for assisting in penetration testing.

I've experimented with a variety of configurations on my local system, but in the end it turns into a make shift heater.
tkp-415
·5 माह पहले·discuss
This is neat. What VPS service do you use? I am trying to replace my tendency to spin up small EC2 instances just to deploy a simple web app.
tkp-415
·5 माह पहले·discuss
Ahh, that seems much simpler. Dump the request / response directly. Now I'm wondering if I can use Gemini to patch Gemini.
tkp-415
·5 माह पहले·discuss
Curious to see how you can get Gemini fully intercepted.

I've been intercepting its HTTP requests by running it inside a docker container with:

-e HTTP_PROXY=http://127.0.0.1:8080 -e HTTPS_PROXY=http://host.docker.internal:8080 -e NO_PROXY=localhost,127.0.0.1

It was working with mitmproxy for a very brief period, then the TLS handshake started failing and it kept requesting for re-authentication when proxied.

You can get the whole auth flow and initial conversation starters using Burp Suite and its certificate, but the Gemini chat responses fail in the CLI, which I understand is due to how Burp handles HTTP2 (you can see the valid responses inside Burp Suite).
tkp-415
·6 माह पहले·discuss
Hashes generated using https://pypi.org/project/ImageHash/, then a hamming distance is calculated with SQL.

Unfortunately I don't currently have a repo that can be forked.
tkp-415
·6 माह पहले·discuss
The confusion is understandable as the comparison is basic and uses image hashes (https://pypi.org/project/ImageHash/), which are pretty surface level and don't always provide reliable "this image is obviously very similar to that one" results.

You are correct that when you click something in the brackets, the results returned are covers similar to what you clicked.

Still have a lot of room for improvement as I go further down this image matching rabbit hole, but the comparison's current state does provide some useful results every so often.