Загрузка видео...

Не удалось загрузить видео

Возникла проблема при загрузке этого видео. Это может быть связано с временными проблемами сети или видео может быть недоступно.

На главную

Nerve ( ) and the code_auditor example tasklet ( ) using GPT-4o to find a RCE vulnerability in the widget-options v4.0.7 Wordpress Plugin 🧠 Zero code, fully autonomous agent as a simple YAML file.

Simone Margaritelli

46,770 subscribers

32,482 просмотров • 1 год назад •via X (Twitter)

Наука и технологии Образование Новости и политика

Anya Rossi• Live Now

Private livecam show

Комментарии: 10

Фото профиля Simone Margaritelli

Simone Margaritelli1 год назад

Pushed v0.4.0 with NVidia NIM integration and a few fixes, thanks to @vysecurity for the request and the help with the API key :D

Фото профиля Simone Margaritelli

Simone Margaritelli1 год назад

The web_fingerprint example tasklet can be used to identify which technologies a website is built with:

Фото профиля blasty

blasty1 год назад

next step: making Nerve deploy the codebase and verify the vulnerability, and then request a CVE? 😎

Фото профиля Simone Margaritelli

Simone Margaritelli1 год назад

first part is essentially there already. As far as requesting the CVE and bearing with the disclosure process go, idk how well an AI would perform :D

Фото профиля Simone Margaritelli

Simone Margaritelli1 год назад

Since the first tweet in this thread, Nerve has been republished to and new providers for Nvidia NIM, DeepSeek and xAI (grok-beta is pretty great with tool calling) have been implemented 🚀

Фото профиля AndrewMohawk⁽ⁿᵘˡˡ⁾

AndrewMohawk⁽ⁿᵘˡˡ⁾1 год назад

How well has it done with others? Similarly? I think it would be interesting to build a list of _recent_ vulns in a dir and compare the stats!

Фото профиля Simone Margaritelli

Simone Margaritelli1 год назад

i didn't try them all, but generally GPT and Claude models perform similarly, with bigger Anthropic models being better at extrapolating context and finding logic bugs while OpenAI seem better at single file vulnerabilities ... LLama models a bit worse than the others, but considering they're free who can complain :D

Фото профиля waba fking fet

waba fking fet1 год назад

really cool man

Фото профиля Simone Margaritelli

Simone Margaritelli1 год назад

thanks!

Фото профиля SickSec 🇲🇦 🇵🇸

SickSec 🇲🇦 🇵🇸1 год назад

cc @wld_basha @rez0__ 👀

Похожие видео

The new ChatGPT Mac app is amazing. I got a fully working Breakout game code using a shortcut to pull up the app with GPT-4o and a simple screenshot of my screen. So many use cases and faster workflows.

The new ChatGPT Mac app is amazing. I got a fully working Breakout game code using a shortcut to pull up the app with GPT-4o and a simple screenshot of my screen. So many use cases and faster workflows.

Alvaro Cintas

1,729,679 просмотров • 2 лет назад

🎥 Introducing Pressship: a terminal-first, agent-ready CLI workflow for WordPress plugin publishing. The idea: make plugin releases simpler, more predictable, and more agent-ready, while keeping WordPress review + SVN flows explicit. →

🎥 Introducing Pressship: a terminal-first, agent-ready CLI workflow for WordPress plugin publishing. The idea: make plugin releases simpler, more predictable, and more agent-ready, while keeping WordPress review + SVN flows explicit. →

fatih kadir akın

22,922 просмотров • 13 дней назад

Introducing Predicted Outputs—dramatically decrease latency for gpt-4o and gpt-4o-mini by providing a reference string. Speed up: - Updating a blog post in a doc - Iterating on prior responses - Rewriting code in an existing file, like Exponent here:

Introducing Predicted Outputs—dramatically decrease latency for gpt-4o and gpt-4o-mini by providing a reference string. Speed up: - Updating a blog post in a doc - Iterating on prior responses - Rewriting code in an existing file, like Exponent here:

OpenAI Developers

580,584 просмотров • 1 год назад

I built an automated AI competitor analyis team with multi-agents. It has 3 AI agents working together as a team: 1. Data Extraction Agent using Firecrawl 2. Analyst Agent using OpenAI GPT-4o 3. Competitor Research Agent using Perplexity AI or Exa AI 100% Opensource code.

I built an automated AI competitor analyis team with multi-agents. It has 3 AI agents working together as a team: 1. Data Extraction Agent using Firecrawl 2. Analyst Agent using OpenAI GPT-4o 3. Competitor Research Agent using Perplexity AI or Exa AI 100% Opensource code.

Shubham Saboo

65,158 просмотров • 1 год назад

The ChatGPT Mac app is the ultimate screenshot-to-code tool. Screenshot anything, paste it in the ChatGPT shortcut, and just tell GPT-4o to code it for you. Here's me taking a snapshot of Snake Game and getting fully working code in 90 seconds. Video is on 3x speed.

The ChatGPT Mac app is the ultimate screenshot-to-code tool. Screenshot anything, paste it in the ChatGPT shortcut, and just tell GPT-4o to code it for you. Here's me taking a snapshot of Snake Game and getting fully working code in 90 seconds. Video is on 3x speed.

Rowan Cheung

860,684 просмотров • 2 лет назад

🚨POC RELEASED🚨PoC for SQL Injection leads to RCE in Wordpress released (CVE-2024-27956). #Clearnet #DarkWebInformer #DarkWeb #Exploit #Cyberattack #Cybercrime #Wordpress #Infosec #CTI #CVE202427956 #Vulnerability

🚨POC RELEASED🚨PoC for SQL Injection leads to RCE in Wordpress released (CVE-2024-27956). #Clearnet #DarkWebInformer #DarkWeb #Exploit #Cyberattack #Cybercrime #Wordpress #Infosec #CTI #CVE202427956 #Vulnerability

Dark Web Informer

51,329 просмотров • 2 лет назад

🚨 CVE-2025-6389: WordPress Sneeit Framework plugin vulnerability currently under active exploitation PoC: ▪️Vulnerability Type: Remote Code Execution (RCE) ▪️CVSS: 9.8 ▪️Published: 11/24/2025 Impact: ▪️Full site compromise ▪️Create admin accounts ▪️Install backdoors/malicious files ▪️Redirect visitors or inject malware Credit:

🚨 CVE-2025-6389: WordPress Sneeit Framework plugin vulnerability currently under active exploitation PoC: ▪️Vulnerability Type: Remote Code Execution (RCE) ▪️CVSS: 9.8 ▪️Published: 11/24/2025 Impact: ▪️Full site compromise ▪️Create admin accounts ▪️Install backdoors/malicious files ▪️Redirect visitors or inject malware Credit:

Dark Web Informer

16,001 просмотров • 4 месяцев назад

Creating and customizing images is as simple as chatting using GPT‑4o—just describe what you need, including any specifics like aspect ratio, exact colors using hex codes, or a transparent background.

Creating and customizing images is as simple as chatting using GPT‑4o—just describe what you need, including any specifics like aspect ratio, exact colors using hex codes, or a transparent background.

OpenAI

285,833 просмотров • 1 год назад

I found a plugin to build programmatic SEO sites in WordPress using the block editor! This method is MUCH more "programmatic". It's also 100x faster than WP All Import. Here's a video explaining the plugin + how it works (plugin link in the thread):

I found a plugin to build programmatic SEO sites in WordPress using the block editor! This method is MUCH more "programmatic". It's also 100x faster than WP All Import. Here's a video explaining the plugin + how it works (plugin link in the thread):

Ian Nuttall

81,449 просмотров • 2 лет назад

I built an AI startup insight tool Agent using Firecrawl FIRE-1 and GPT-4o. FIRE-1 AI Agent navigates websites, clicks buttons, and extracts company data autonomously without writing a single line of custom code. 100% Opensource Code with step-by-step tutorial.

I built an AI startup insight tool Agent using Firecrawl FIRE-1 and GPT-4o. FIRE-1 AI Agent navigates websites, clicks buttons, and extracts company data autonomously without writing a single line of custom code. 100% Opensource Code with step-by-step tutorial.

Shubham Saboo

23,133 просмотров • 1 год назад

I built a complex history feature for my Figma to Code plugin in 3 prompts. This is a 30-min tutorial using Claude Code. The difference in code generation between gpt-4o, Claude 3.5 and 3.7 is insane. 3.7 produces near-perfect results and is far more consistent. It's really a designer's best friend, not missing details from the design, like adaptive layout, outlines, spacing, etc. It seems like the new model has great taste now.

I built a complex history feature for my Figma to Code plugin in 3 prompts. This is a 30-min tutorial using Claude Code. The difference in code generation between gpt-4o, Claude 3.5 and 3.7 is insane. 3.7 produces near-perfect results and is far more consistent. It's really a designer's best friend, not missing details from the design, like adaptive layout, outlines, spacing, etc. It seems like the new model has great taste now.

Meng To

32,462 просмотров • 1 год назад

using tools, Cursor Agent have the capability to reason about when it should - read & write code - search your codebase - call MCP servers - run terminal commands an example where it connects to a postgres database, runs a query and writes to file

using tools, Cursor Agent have the capability to reason about when it should - read & write code - search your codebase - call MCP servers - run terminal commands an example where it connects to a postgres database, runs a query and writes to file

eric zakariasson

34,917 просмотров • 1 год назад

I built a multimodal AI Coding Agent team with multi-agents. It has 3 AI agents working together as a team to generate and execute the code: 1. Coding Agent using o-3 mini 2. Vision Agent using Gemini 3. Code Execution Agent using o-3 mini and E2B 100% Opensource Code.

I built a multimodal AI Coding Agent team with multi-agents. It has 3 AI agents working together as a team to generate and execute the code: 1. Coding Agent using o-3 mini 2. Vision Agent using Gemini 3. Code Execution Agent using o-3 mini and E2B 100% Opensource Code.

Shubham Saboo

42,261 просмотров • 1 год назад

Better code completions in an instant⚡️ Check out the GPT-4o Copilot model in Visual Studio Code

Better code completions in an instant⚡️ Check out the GPT-4o Copilot model in Visual Studio Code

GitHub

27,914 просмотров • 1 год назад

I used GPT-4o to create STL file for 3D model in ~ 20 seconds on my phone. Pretty remarkable what you can generate with AI and simple prompt now.

I used GPT-4o to create STL file for 3D model in ~ 20 seconds on my phone. Pretty remarkable what you can generate with AI and simple prompt now.

Min Choi

3,443,647 просмотров • 2 лет назад

Don't make your agent hunt for the right file. Use Cmd+L to highlight a specific block and send it straight to the Antigravity Agent chat prompt as a context item. Watch as we turn a simple list of flavors into 12 with zero distractions, just direct revision. Clean context is the secret ingredient. 🍦✨

Don't make your agent hunt for the right file. Use Cmd+L to highlight a specific block and send it straight to the Antigravity Agent chat prompt as a context item. Watch as we turn a simple list of flavors into 12 with zero distractions, just direct revision. Clean context is the secret ingredient. 🍦✨

Google Antigravity

80,814 просмотров • 2 месяцев назад

Celebrity Mortal Kombat 2025 Edition. Brought to life using GPT 4o image generation. I couldn't resist making a 3.5 minute version with the biggest roster yet, around 80 characters! Made in one weekend using: Image: GPT 4o Video: VEO2 & Kling Audio: ElevenLabs

Celebrity Mortal Kombat 2025 Edition. Brought to life using GPT 4o image generation. I couldn't resist making a 3.5 minute version with the biggest roster yet, around 80 characters! Made in one weekend using: Image: GPT 4o Video: VEO2 & Kling Audio: ElevenLabs

Elliot - @InterdimensionalTV

89,014 просмотров • 1 год назад

The open-source Box Cursor Plugin transforms your Cursor agent into a secure enterprise operator. Now you can search, summarize, and extract Box content directly inside your IDE. Guide agent behavior using simple, natural language rules (no complex code required), while enforcing strict security guardrails that protect your enterprise data. Get the full breakdown and explore the plugin on the Cursor marketplace 👉

The open-source Box Cursor Plugin transforms your Cursor agent into a secure enterprise operator. Now you can search, summarize, and extract Box content directly inside your IDE. Guide agent behavior using simple, natural language rules (no complex code required), while enforcing strict security guardrails that protect your enterprise data. Get the full breakdown and explore the plugin on the Cursor marketplace 👉

Box

351,536 просмотров • 3 месяцев назад

I've been experimenting with using the new analyzer plugin API for code generation, and it's actually really cool! ⚡️ Instant code generation 🔬 Surgical updates in the same file 🔎 Report outdated/wrong code as lint warnings 🪄 Auto-regenerate outdated/wrong code via 'dart fix'

I've been experimenting with using the new analyzer plugin API for code generation, and it's actually really cool! ⚡️ Instant code generation 🔬 Surgical updates in the same file 🔎 Report outdated/wrong code as lint warnings 🪄 Auto-regenerate outdated/wrong code via 'dart fix'

Kilian Schulte 💙

37,947 просмотров • 7 месяцев назад