正在加载视频...

视频加载失败

返回首页

Nerve ( ) and the code_auditor example tasklet ( ) using GPT-4o to find a RCE vulnerability in the widget-options v4.0.7 Wordpress Plugin 🧠 Zero code, fully autonomous agent as a simple YAML file.

evilsocket's profile picture

Simone Margaritelli

46,770 subscribers

32,482 次观看 • 1 年前 •via X (Twitter)

科学技术教育新闻政治
LIVE

Anya Rossi• Live Now

Private livecam show

10 条评论

Simone Margaritelli 的头像
Simone Margaritelli1 年前

Pushed v0.4.0 with NVidia NIM integration and a few fixes, thanks to @vysecurity for the request and the help with the API key :D

Simone Margaritelli 的头像
Simone Margaritelli1 年前

The web_fingerprint example tasklet can be used to identify which technologies a website is built with:

blasty 的头像
blasty1 年前

next step: making Nerve deploy the codebase and verify the vulnerability, and then request a CVE? 😎

Simone Margaritelli 的头像
Simone Margaritelli1 年前

first part is essentially there already. As far as requesting the CVE and bearing with the disclosure process go, idk how well an AI would perform :D

Simone Margaritelli 的头像
Simone Margaritelli1 年前

Since the first tweet in this thread, Nerve has been republished to and new providers for Nvidia NIM, DeepSeek and xAI (grok-beta is pretty great with tool calling) have been implemented 🚀

AndrewMohawk⁽ⁿᵘˡˡ⁾ 的头像
AndrewMohawk⁽ⁿᵘˡˡ⁾1 年前

How well has it done with others? Similarly? I think it would be interesting to build a list of _recent_ vulns in a dir and compare the stats!

Simone Margaritelli 的头像
Simone Margaritelli1 年前

i didn't try them all, but generally GPT and Claude models perform similarly, with bigger Anthropic models being better at extrapolating context and finding logic bugs while OpenAI seem better at single file vulnerabilities ... LLama models a bit worse than the others, but considering they're free who can complain :D

waba fking fet 的头像
waba fking fet1 年前

really cool man

Simone Margaritelli 的头像
Simone Margaritelli1 年前

thanks!

SickSec 🇲🇦 🇵🇸 的头像
SickSec 🇲🇦 🇵🇸1 年前

cc @wld_basha @rez0__ 👀

相关视频

The new ChatGPT Mac app is amazing. I got a fully working Breakout game code using a shortcut to pull up the app with GPT-4o and a simple screenshot of my screen. So many use cases and faster workflows.
0:29

The new ChatGPT Mac app is amazing. I got a fully working Breakout game code using a shortcut to pull up the app with GPT-4o and a simple screenshot of my screen. So many use cases and faster workflows.

Alvaro Cintas

1,729,679 次观看 • 2 年前

🎥 Introducing Pressship: a terminal-first, agent-ready CLI workflow for WordPress plugin publishing. The idea: make plugin releases simpler, more predictable, and more agent-ready, while keeping WordPress review + SVN flows explicit. →
8:09

🎥 Introducing Pressship: a terminal-first, agent-ready CLI workflow for WordPress plugin publishing. The idea: make plugin releases simpler, more predictable, and more agent-ready, while keeping WordPress review + SVN flows explicit. →

fatih kadir akın

22,991 次观看 • 20 天前

Introducing Predicted Outputs—dramatically decrease latency for gpt-4o and gpt-4o-mini by providing a reference string. Speed up: - Updating a blog post in a doc - Iterating on prior responses - Rewriting code in an existing file, like Exponent here:
0:22

Introducing Predicted Outputs—dramatically decrease latency for gpt-4o and gpt-4o-mini by providing a reference string. Speed up: - Updating a blog post in a doc - Iterating on prior responses - Rewriting code in an existing file, like Exponent here:

OpenAI Developers

580,671 次观看 • 1 年前

I built an automated AI competitor analyis team with multi-agents. It has 3 AI agents working together as a team: 1. Data Extraction Agent using Firecrawl 2. Analyst Agent using OpenAI GPT-4o 3. Competitor Research Agent using Perplexity AI or Exa AI 100% Opensource code.
0:45

I built an automated AI competitor analyis team with multi-agents. It has 3 AI agents working together as a team: 1. Data Extraction Agent using Firecrawl 2. Analyst Agent using OpenAI GPT-4o 3. Competitor Research Agent using Perplexity AI or Exa AI 100% Opensource code.

Shubham Saboo

65,158 次观看 • 1 年前

The ChatGPT Mac app is the ultimate screenshot-to-code tool. Screenshot anything, paste it in the ChatGPT shortcut, and just tell GPT-4o to code it for you. Here's me taking a snapshot of Snake Game and getting fully working code in 90 seconds. Video is on 3x speed.
0:29

The ChatGPT Mac app is the ultimate screenshot-to-code tool. Screenshot anything, paste it in the ChatGPT shortcut, and just tell GPT-4o to code it for you. Here's me taking a snapshot of Snake Game and getting fully working code in 90 seconds. Video is on 3x speed.

Rowan Cheung

860,701 次观看 • 2 年前

🚨POC RELEASED🚨PoC for SQL Injection leads to RCE in Wordpress released (CVE-2024-27956). #Clearnet #DarkWebInformer #DarkWeb #Exploit #Cyberattack #Cybercrime #Wordpress #Infosec #CTI #CVE202427956 #Vulnerability
1:06

🚨POC RELEASED🚨PoC for SQL Injection leads to RCE in Wordpress released (CVE-2024-27956). #Clearnet #DarkWebInformer #DarkWeb #Exploit #Cyberattack #Cybercrime #Wordpress #Infosec #CTI #CVE202427956 #Vulnerability

Dark Web Informer

51,367 次观看 • 2 年前

Creating and customizing images is as simple as chatting using GPT‑4o—just describe what you need, including any specifics like aspect ratio, exact colors using hex codes, or a transparent background.
1:41

Creating and customizing images is as simple as chatting using GPT‑4o—just describe what you need, including any specifics like aspect ratio, exact colors using hex codes, or a transparent background.

OpenAI

286,499 次观看 • 1 年前

I found a plugin to build programmatic SEO sites in WordPress using the block editor! This method is MUCH more "programmatic". It's also 100x faster than WP All Import. Here's a video explaining the plugin + how it works (plugin link in the thread):
11:03

I found a plugin to build programmatic SEO sites in WordPress using the block editor! This method is MUCH more "programmatic". It's also 100x faster than WP All Import. Here's a video explaining the plugin + how it works (plugin link in the thread):

Ian Nuttall

81,451 次观看 • 3 年前

🚨 CVE-2025-6389: WordPress Sneeit Framework plugin vulnerability currently under active exploitation PoC: ▪️Vulnerability Type: Remote Code Execution (RCE) ▪️CVSS: 9.8 ▪️Published: 11/24/2025 Impact: ▪️Full site compromise ▪️Create admin accounts ▪️Install backdoors/malicious files ▪️Redirect visitors or inject malware Credit:
1:17

🚨 CVE-2025-6389: WordPress Sneeit Framework plugin vulnerability currently under active exploitation PoC: ▪️Vulnerability Type: Remote Code Execution (RCE) ▪️CVSS: 9.8 ▪️Published: 11/24/2025 Impact: ▪️Full site compromise ▪️Create admin accounts ▪️Install backdoors/malicious files ▪️Redirect visitors or inject malware Credit:

Dark Web Informer

16,001 次观看 • 5 个月前

I built an AI startup insight tool Agent using Firecrawl FIRE-1 and GPT-4o. FIRE-1 AI Agent navigates websites, clicks buttons, and extracts company data autonomously without writing a single line of custom code. 100% Opensource Code with step-by-step tutorial.
0:40

I built an AI startup insight tool Agent using Firecrawl FIRE-1 and GPT-4o. FIRE-1 AI Agent navigates websites, clicks buttons, and extracts company data autonomously without writing a single line of custom code. 100% Opensource Code with step-by-step tutorial.

Shubham Saboo

23,184 次观看 • 1 年前

I built a complex history feature for my Figma to Code plugin in 3 prompts. This is a 30-min tutorial using Claude Code. The difference in code generation between gpt-4o, Claude 3.5 and 3.7 is insane. 3.7 produces near-perfect results and is far more consistent. It's really a designer's best friend, not missing details from the design, like adaptive layout, outlines, spacing, etc. It seems like the new model has great taste now.
30:38

I built a complex history feature for my Figma to Code plugin in 3 prompts. This is a 30-min tutorial using Claude Code. The difference in code generation between gpt-4o, Claude 3.5 and 3.7 is insane. 3.7 produces near-perfect results and is far more consistent. It's really a designer's best friend, not missing details from the design, like adaptive layout, outlines, spacing, etc. It seems like the new model has great taste now.

Meng To

32,462 次观看 • 1 年前

using tools, Cursor Agent have the capability to reason about when it should - read & write code - search your codebase - call MCP servers - run terminal commands an example where it connects to a postgres database, runs a query and writes to file
0:25

using tools, Cursor Agent have the capability to reason about when it should - read & write code - search your codebase - call MCP servers - run terminal commands an example where it connects to a postgres database, runs a query and writes to file

eric zakariasson

34,917 次观看 • 1 年前

I built a multimodal AI Coding Agent team with multi-agents. It has 3 AI agents working together as a team to generate and execute the code: 1. Coding Agent using o-3 mini 2. Vision Agent using Gemini 3. Code Execution Agent using o-3 mini and E2B 100% Opensource Code.
1:36

I built a multimodal AI Coding Agent team with multi-agents. It has 3 AI agents working together as a team to generate and execute the code: 1. Coding Agent using o-3 mini 2. Vision Agent using Gemini 3. Code Execution Agent using o-3 mini and E2B 100% Opensource Code.

Shubham Saboo

42,261 次观看 • 1 年前

Better code completions in an instant⚡️ Check out the GPT-4o Copilot model in Visual Studio Code
0:43

Better code completions in an instant⚡️ Check out the GPT-4o Copilot model in Visual Studio Code

GitHub

27,914 次观看 • 1 年前

Celebrity Mortal Kombat 2025 Edition. Brought to life using GPT 4o image generation. I couldn't resist making a 3.5 minute version with the biggest roster yet, around 80 characters! Made in one weekend using: Image: GPT 4o Video: VEO2 & Kling Audio: ElevenLabs
3:28

Celebrity Mortal Kombat 2025 Edition. Brought to life using GPT 4o image generation. I couldn't resist making a 3.5 minute version with the biggest roster yet, around 80 characters! Made in one weekend using: Image: GPT 4o Video: VEO2 & Kling Audio: ElevenLabs

Elliot - @InterdimensionalTV

89,014 次观看 • 1 年前

Don't make your agent hunt for the right file. Use Cmd+L to highlight a specific block and send it straight to the Antigravity Agent chat prompt as a context item. Watch as we turn a simple list of flavors into 12 with zero distractions, just direct revision. Clean context is the secret ingredient. 🍦✨
1:11

Don't make your agent hunt for the right file. Use Cmd+L to highlight a specific block and send it straight to the Antigravity Agent chat prompt as a context item. Watch as we turn a simple list of flavors into 12 with zero distractions, just direct revision. Clean context is the secret ingredient. 🍦✨

Google Antigravity

80,853 次观看 • 3 个月前

I used GPT-4o to create STL file for 3D model in ~ 20 seconds on my phone. Pretty remarkable what you can generate with AI and simple prompt now.
0:26

I used GPT-4o to create STL file for 3D model in ~ 20 seconds on my phone. Pretty remarkable what you can generate with AI and simple prompt now.

Min Choi

3,443,647 次观看 • 2 年前

Skills allow you to extend Claude Code in new ways using pre-packaged instructions and code. For example, add the docx skill to let Claude Code create word documents. I think skills make Claude Code even better as a general purpose agent, I'm excited to see how you use them!
0:26

Skills allow you to extend Claude Code in new ways using pre-packaged instructions and code. For example, add the docx skill to let Claude Code create word documents. I think skills make Claude Code even better as a general purpose agent, I'm excited to see how you use them!

Thariq

127,862 次观看 • 7 个月前

I made two AI Agents play tic-tac-toe with each other while the third agent watched as a judge. Agent X powered by Gemini Flash 2.0 Agent O powered by DeepSeek v3 Judge Agent powered by GPT-4o 100% Opensource code with step-by-step tutorial.
0:57

I made two AI Agents play tic-tac-toe with each other while the third agent watched as a judge. Agent X powered by Gemini Flash 2.0 Agent O powered by DeepSeek v3 Judge Agent powered by GPT-4o 100% Opensource code with step-by-step tutorial.

Shubham Saboo

118,528 次观看 • 1 年前