Tom Van de Wiele's Avatar

Tom Van de Wiele

@0xtosh.bsky.social

Offensive R&D Lead β€’ Hacker β€’ Advisor β€’ Speaker Founder & CEO Hacker Minded https://hackerminded.net https://www.linkedin.com/in/tomvandewiele/ Cybersecurity, Offensive/Defensive Security, Privacy, Tech & Retro Games Copenhagen, DK πŸ‡©πŸ‡°

211 Followers  |  362 Following  |  102 Posts  |  Joined: 25.10.2024  |  1.6376

Latest posts by 0xtosh.bsky.social on Bluesky

Post image Post image

One of my favorite Web 1.0 sites is the β€œSilicon Zoo”.



Microscopic images of easter eggs hidden in CPUs. It’s way weirder than you’d expect. 



Sonic, the Space Shuttle...and a wedding invitation?

18.09.2025 06:46 β€” πŸ‘ 51    πŸ” 6    πŸ’¬ 3    πŸ“Œ 0
Preview
Fight Chat Control (@chatcontrol@mastodon.social) Attached: 1 image Danish Minister of Justice and chief architect of the current Chat Control proposal, Peter Hummelgaard: "We must break with the totally erroneous perception that it is everyone's c...

Danish Minister of Justice: "We must break with the totally erroneous perception that it is everyone's civil liberty to communicate on encrypted messaging services."

get rekt, fascist.

mastodon.social/@chatcontrol...

15.09.2025 08:33 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
The Hacker Pager | exploitee.rs

Hacker chique LoRa pager, of course sold out already. But makes me want to make my own LoRa mesh chat device using meshtastic or a similar stack.
hackerpager.net

27.07.2025 08:05 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Why thousands of YouTube videos are about to lose money The big question for content creators: Will your videos still pay?

Wow, YouTube is actually doing the right thing here: gulfnews.com/technology/y...

10.07.2025 06:18 β€” πŸ‘ 68    πŸ” 11    πŸ’¬ 10    πŸ“Œ 2

@cyberdyne-t800.bsky.social

03.07.2025 11:16 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

AI voices need to identify themselves as such, so the other party knows they are talking to a software robot. If we know we are talking to a robot, we absolutely do not need AI voices doing emotional vocalisations, or even worse: vocal fry or uptalk. Instant tab close and laptop slam.

03.07.2025 11:06 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
WipEout (PSX) – Model Viewer

Reverse engineering Wipeout 2097 PSX models + animation = best 90s screensaver ever phoboslab.org/wipeout/

28.06.2025 12:20 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

But luckily it does come with integration between Gemini & Google Drive. Which is great! Bc Google Drive doesn't even allow you to sort on file size + doesn't tell you the size of folders. AI to the rescue! NOT.

26.06.2025 08:02 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

For those of you considering paying for @GoogleAI Gemini Pro to try out Veo2: you get 4 videos per day. By the time you figure out how prompts work you are done for today i.e. don't bother and find another service.

26.06.2025 07:55 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

MS Teams Presence Logging for recon, social engineering and phishing campaign planning. Easily extendable with your own API or workflow to do pattern frequency analysis and find out when individuals or teams are e.g. in recurring meetings.

github.com/0xtosh/Teams...

25.06.2025 14:26 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

FULLY anonymized
STRICTLY forbidden
HIGHLY sensitive
TOTALLY secure
FULLY compliant
PERFECTLY legal

If you want to find the path of least resistance when it comes to security, threat modeling and intrusion testing: follow the attack path with hyperbolic language that is trying to overcompensate.

19.06.2025 09:26 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Zero Days [ STUXNET worm documentary, 2016]
YouTube video by Andy Moore Zero Days [ STUXNET worm documentary, 2016]

With the on-going Internet and energy outages in Iran, I can only really think about the last 3 mins of the "Zero Days" documentary where the combined internal sources virtual person being interviewed stated that capabilities had already been deployed in Iran for 8+ years.
youtu.be/Fqk_VUMzY_M?...

17.06.2025 15:51 β€” πŸ‘ 5    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

Why does the network backbone of Telegram matter?

Because as @pwnallthethings.bsky.social was pointing out in 2022 (www.pwnallthethings.com/i/86455222/t...), Telegram's in-house TLS replacement provides a cleartext permanent device ID!

The network can follow users across WiFis, data plans, etc.

13.06.2025 16:56 β€” πŸ‘ 82    πŸ” 34    πŸ’¬ 1    πŸ“Œ 2
Post image

Don't do this

10.06.2025 19:55 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Rest in Peace, Bill Atkinson.

Hard to overstate the massive influence Bill's work had over me, and the way we all use computers today.

From his work on the Macintosh, to HyperCard, Bill was a pioneer of merging art & technology.

07.06.2025 18:40 β€” πŸ‘ 72    πŸ” 22    πŸ’¬ 2    πŸ“Œ 1
Post image

πŸ˜‚

08.06.2025 14:09 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

My favorite glue-eating LLM is ChatGPT because it is so bad at coding, it just says "Yeah, you are right, I didn't finish that. Let me get you the full script and get back to you." where it just stops and does nothing πŸ™ƒ

08.06.2025 14:07 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

It seems that most the popular LLMs start going into infinite loops after a context of 2500 lines of code with heavy dependencies and then just... stop.

08.06.2025 13:58 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

30 telecoms masts AND ~15 various electrical grid units have been sabotaged last months in south-east Sweden.

The sabotages are concentrated along highway E22, ie one of the main routes needed to reinforce Gotland in case of conflict. Ports are along this route, with the main one in the middle.

06.06.2025 21:19 β€” πŸ‘ 527    πŸ” 226    πŸ’¬ 25    πŸ“Œ 35
Post image

PHRACK special edition HaRDCov3R (#71.5) to be released at recon.cx (@reconmtl.bsky.social‬)

27th - 29th of June. Meet us at REcon.

Contains one 0day article from the upcoming 72 release, +unpublished 71 article, +classics and the Intro by REcon's own Hugo Fortier ❀️

06.06.2025 09:10 β€” πŸ‘ 19    πŸ” 6    πŸ’¬ 1    πŸ“Œ 0
GitHub - anton10xr/gibber-mcp: Tiny MCP server with cryptography tools, sufficient to establish end-to-end encryption between LLM agents Tiny MCP server with cryptography tools, sufficient to establish end-to-end encryption between LLM agents - anton10xr/gibber-mcp

Key exchange and encryption protocol for AI agents using gg-wave/Gibberlink: www.youtube.com/watch?v=m59y...

Source by Anton Pidkuiko based on ggwave library by Georgi Gerganov at github.com/anton10xr/gi...

03.06.2025 07:49 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Uit Humo, door Stephan Vanfleteren 2006

Uit Humo, door Stephan Vanfleteren 2006

I miss payphones.

02.06.2025 16:36 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Turning Portal 2 into a Web Server
YouTube video by PortalRunner Turning Portal 2 into a Web Server

Turning Portal 2 into a webserver. What.
www.youtube.com/watch?v=-v5v...

27.05.2025 11:50 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I have yet to see any details or examples, just headlines. Most tech including Chinese stuff comes with management interfaces exposed and with static passwords even. Where is the spy part.

21.05.2025 12:04 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

If someone at AMD or Microsoft could solve the AMD fTPM stutter bug that would be great.

18.05.2025 09:09 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

This was a fun trip down Internet memory lane
neal.fun/internet-art...

15.05.2025 07:18 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
There's one question that stumps North Korean fake workers RSAC: FBI and others list how to spot NK infiltrators, but AI will make it harder

One way to tell if your new remote hire is a North Korean scammer is to ask how fat is Kim Jong Un www.theregister.com/2025/04/29/n...

06.05.2025 15:00 β€” πŸ‘ 77    πŸ” 18    πŸ’¬ 5    πŸ“Œ 3
Preview
TeleMessage suspends services after hackers claim breach The app was seemingly used by Mike Waltz in last week's cabinet meeting, according to a photograph published by Reuters.

NEW: TeleMessage, the Signal knockoff used by Mike Waltz and potentially other gov officials to archive group chats in plaintext, has suspended all services after it was hacked *at least twice.* @404media.co reported a hack last night; a different hacker also broke in and gave me evidence.

05.05.2025 19:05 β€” πŸ‘ 2732    πŸ” 1033    πŸ’¬ 52    πŸ“Œ 164
Preview
Sam Altman's World unveils a mobile verification device | TechCrunch Tools for Humanity, the startup behind the World human verification project, unveiled a mobile verification device and expanded to the US.

I genuinely don't know who needs to hear this β€” everyone, maybe? β€” but if a billionaire (or anyone, for that matter) offers to put your iris scans on the blockchain, run as fast and as far as you can.

This man shouldn't be let anywhere near an internet connection, let alone people's biometric data.

01.05.2025 13:14 β€” πŸ‘ 134    πŸ” 66    πŸ’¬ 1    πŸ“Œ 3
Preview
Microsoft announces new European digital commitments - Microsoft On the Issues As a multinational company, Microsoft believes in trans-Atlantic ties that promote mutual economic growth and prosperity.

Microsoft is clearly listening to concerns from European governments, who are suggesting companies should find alternatives to American AI and cloud solutions.

There is a fear the US government could pull the plug on systems that we rely on for almost everything we do.

30.04.2025 16:24 β€” πŸ‘ 1    πŸ” 2    πŸ’¬ 1    πŸ“Œ 1

@0xtosh is following 20 prominent accounts