Been a fan of chompie since her early Linux work, great interview! This is what real AI vuln research looks like. Full self bug hunting™ by end of year.
chainreactors/aiscan: pi-like agentic security scanner — single binary for AI-driven pentesting, from red team ops to bug bounty https://t.co/dzvZkSyA7n
I just wrote a new blog on bypassing CA policies in Entra ID that have a resource exclusion, and why you probably want to enable baseline enforcement if you have such policies. Enjoy!
https://t.co/a1rGl3wss8
Using a coding harness? Hook NightBeacon up to it. Drop files, logs, whatever - have it automatically RE it, give full timeline of artifacts. Have it automatically spin up containers and detonate malware, snag all the IOCs, submit it to TI sources automatically. Runs through Suricata, Zeek, Hayabusa, CAPE, and many others including 10K+ yara rules.
Use velociraptor? Dump it in, automatically analyzes, reaches out via connectors to pull additional data if necessary, gives you full timelines.
Want to kick off a threat hunt? Cool, ask NightBeacon to generate a hypothesis-based threat hunt on the past week of activity, pushes through your connectors, brings results back and analysis.
Want to take action? "Contain these hosts". Done.
Just want to see how your org is doing? "How am I looking today?"
#BinaryDefense
UnCanny - Another new coercion primitive with LPE 0day - machine-account NTLM coercion from a non-admin user via Windows Store InstallService plugin resolution experiments https://t.co/Vw2LEhoZXZ
Defensive patch Tuesday semantic diff cli for Windows build snapshots for drivers, dlls, and more.
Microsoft, don't kill me. Thank you.
https://t.co/GEKZbTNyHO
I made this Windows security research toolkit for LPE, persistence, COM hijacking, and attack surface enumeration.
Leave a star and follow on GitHub so I can feed my 10 kids <3
https://t.co/esI60KXU2X
We're mostly an IDA shop at @CellebriteLabs, but I decided to play around with Ghidra. My main motivation was to experiment with agentic reverse engineering techniques. The result is an agent skill for Ghidra, which we are releasing publicly:
https://t.co/mPrNFR8mOq >>
If I have one recommendation to give, transform into deterministic workflows EVERYTHING you can to offload your agent.
This will:
- Save tons of tokens at runtime
- Make your workflow more deterministic and less reliant on the LLM to accomplish key steps
Tokens are cheap now and you should enjoy the party, but that will change. The more you build for the long term in a deterministic way, the more tokens you’ll save in the future, so you will spend less compared to your competitors, think about that.
So invest time in building your system, and thank me later.
Have you noticed that those deep-dive stories about complex Windows malware have pretty much vanished, especially in recent years? It feels like the era of "blockbuster" Windows malware has just gone silent, and this blog post tries to give some answers why.
https://t.co/sFsf3uPm5o
Powershell Scripts With 100% AV Bypass (PSSW100AVB) repository
https://t.co/fiLzzTgPjn
New undetectable PowerShell reverse shell added (May 4, 2026). 🔥 Essential for red teamers—use it in the next 2-3 weeks before it gets flagged!
#Powershell #RedTeam #ReverseShell
I thought Edge was always a sort of skinned Chromium? Didn't test it (yet) but do Chromium et al also have cleartext passwords in their dump?
Vibe coded Powershell version:
https://t.co/SuT3s580yI