Rock Stevens

Autonomous penetration testing using a swarm of AI agents. Orchestrates recon, classification, exploitation, and reporting specialists with ReAct reasoning — supports bug bounty, continuous monitoring, and CTF modes. Built with Go, Claude API, and 7+ native security tools. https://t.co/aVWSujEXr7

I don't know about you, but I've always struggled to keep track of offensive security conferences. I think part of the problem is that there are SO many good ones, and it's just a lot to keep straight. This leads to forgetting about them, which is a problem too. In this vein, I'm happy to share that I've made some really good progress on a way to (hopefully) keep better track of the upcoming offensive security conferences we all care about. On https://t.co/EqYQFPv3hd, if you head over to the "Industry Conferences" page, I'm pleased to report that there are now 87 conferences in the directory… and it's more than just "Black Hat is on August 1st, 2026" btw. A lot more. For example, click into a conference (let's stick with BH as the case study) and you _should_ see every upcoming talk/briefing (currently 88), every upcoming training offered (currently 132), and even 1,500+ past conference talks/briefings from previous years too. You can go deeper than that, though. Take this upcoming BH training by John McIntosh: "Building Agentic RE: Automating Reverse Engineering & Vulnerability Research with AI." If you click John's pink "social chip", which lives on his BH training card, you can quickly see that he's given talks at RE//verse (2026), Objective by the Sea (2025), RECON Montreal (2025), 44CON (2023 + 2025), and Insomni'hack (2024). He also has an upcoming talk at RECON, AND he's delivering trainings at DEF CON, BH, and RECON in 2026. As a bonus, you can see he has a presence on X, Mastodon, GitHub, and YouTube (if you want to give him a follow). There's still a fair bit of work to be done to automate this end-to-end, and not all conferences are filled out yet (mostly because talks + trainings aren't available). But it basically works as a pipeline. Adding a conference kicks off a chain of events: > A conference is added to the site database, and its details are extracted into a stub page > Talks and trainings are extracted and added as tiles, with speaker info attached > Past conference videos are located, then titles and descriptions are parsed for speaker names > Every speaker name is matched, normalized, and deduped across the site (so one person maps to one profile everywhere they appear) > Daily/weekly cron jobs refresh everything and merge new schedule and program info as it becomes available I know I haven't been as active on the socials lately, and I'm behind on messages too (sorry). But I do hope you like these recent upgrades!

Superpowers (206k+ ⭐) is an open agentic skills framework that gives coding agents actual engineering discipline. Core loop it enforces: - Brainstorm thoroughly - Write real design docs - Strict test-driven development - Parallel subagents + mandatory reviews Result: dramatically better output with less wasted time. Works great with Claude Code / Cursor / etc. https://t.co/1U2tMtgPZ3

I've been messing around with CodeGraph and ways to use it in a prompt. This seems to be working: ```This project has CodeGraph initialized. 1. Spawn an Explore agent to deeply understand the relevant parts of the codebase for this task. Instruct it to primarily use codegraph_explore. 2. Once we have the context, propose a plan. 3. Implement the changes. Task: [your task here]``` https://t.co/wQ24dbJ9fD

Inspired by NSA’s recent MCP security guidance, I built metaMCP — a tool that pentests other MCP servers. Quick find in Playwright MCP: browser_navigate can load internal Chrome pages like chrome://settings/. Internal browser pages shouldn’t be reachable. Needs proper URL scheme allowlisting. MCP security has gaps.

https://t.co/YopWLeOOAi NutriGene is a completely free, 100% private tool that lets you upload your raw 23andMe or Ancestry DNA file and instantly get personalized supplement + diet recommendations based on your actual genes. No servers. No data collection. Everything runs in your browser.

NutriGene is now available. It’s a completely free, 100% private tool that lets you upload your raw 23andMe or Ancestry DNA file and instantly get personalized supplement + diet recommendations based on your actual genes. No servers. No data collection. Everything runs in your browser. MTHFR? VDR? APOE? It tells you exactly what your DNA says about vitamins, caffeine, fats, etc. Built in one day with Antigravity. Code is clean, simple vanilla JS + a curated SNP dictionary. → https://t.co/YopWLeOOAi Any interesting findings? Share them.

Lesson learned building in Google Antigravity: When trying to copy a specific aesthetic, **screenshots work better** than written UI guidance. Gave it an exact template URL and it gave me something decent. But feeding it a screenshot of the general style → v1 of your website instantly looks premium. Moral of the story: Show, don’t tell — even to AI.

Just finished my first real Antigravity one-shot project 🔥 Built a full-stack nutrigenomics analyzer (NutriGene) that lets you upload raw 23andMe/Ancestry data and get personalized supplement + diet recommendations tailored to you based on your actual SNPs. 100% client-side, zero data stored. Runs completely in your browser. MTHFR mutation? It just told me I’ve been throwing money away on the wrong form of folic acid for years. Screenshots below👇 Next project with Antigravity: MCP server for my Hak5 Pineapple Tetra