Well, it should be like this instead of Google's cloud

Gooey

Turn (almost) any Python command line program into a full GUI application with one line

What is it?

Gooey converts your Console Applications into end-user-friendly GUI applications. It lets you focus on building robust, configurable programs in a familiar way, all without having to worry about how it will be presented to and interacted with by your average user.

https://github.com/chriskiehl/Gooey/

Yesterday

The new Egyptian Nuclear Project

Built Egyptians and Russians on an Egyptian land

🇷🇺🇪🇬🇷🇺🇪🇬

New video uploaded !

Intigriti's month (Nov 2025) challenge full walk through

Watch on YouTube
https://youtu.be/ZNYxws_LtWs

Read the write-up on Medium
https://medium.com/@mohamedabozaid961/intigritis-1125-challenge-walk-through-3e3c391f7699

The pdf version is in comments below 👇

@reverseengineer101

Prompt injection

Nowadays AI security is crucial, you see most of the websites now add a chat bot based on an AI model and jail breaking it can really leak sensitive data

@reverseengineer101

Btw, I forgot to attach this link from OWASP top 10 for LLMs
https://owasp.org/www-project-top-10-for-large-language-model-applications/

Orbstack is a docker alternative

OrbStack is the fast, light, and easy way to run Docker containers and Linux. Develop at lightspeed with our Docker Desktop alternative.

https://orbstack.dev/
@reverseengineer101

Chatgpt 😑😐

Don't worry if it's down with you it's not your problem

API Sec university is live !

Live Session Alert: API Security Basics - A Bug Hunter's Perspective

Today's Live Discord [Session](https://discord.gg/4X6fXK5B?event=1444365577241104384) is starting in 5 minutes in the https://discord.com/channels/1009112852759593100/1329504546858205314 stage channel.

Join us NOW!

Jo

in now on discord
@reverseengineer101

If you have a target that relay on GraphQL always test if the introspection is enabled or not (it shall not be in production systems but sometimes it is) once you enumerate the schema you can go to something like Graphql voyager for better understanding and getting all the relations between the objects or you can read the schema by yourself if it's small, then try to observe the most sensitive fields like users chats or passwords or ... then try to get it then you will find that GraphQL is just returning that to you

The reason why I am writing this because I recently found a massive leakage (user ip addresses, feedback chats, ...)in some crypto wallet

#Cyber_tips
@reverseengineer101

Cloudflare is down again taking down the all sites that's relying on it

They were celebrating that they have stopped the biggest DDoS ever happened some days before, they should wait for some time before celebrating 😂😂😂

Well, I am proud enough and happy to say I got my first ACE (Arbitrary Code Execution)

It started with only exposed debugging point then I was able to execute JS over a Sandbox then I managed to escape it and if you are asking how the answer is I found another vulnerability which is prototype pollution and I was able to invoke some native JS as well like the constructor (like react2shell constructor.constructor but mine is not the same vulnerability) this gave me the ability to explore some internals, I trying to leverage it more now maybe to get the full RCE (Remote Code Execution)

Finally what I want to say that wasn't an easy thing to do I passed more than three days just trying and failing and trying. Nothing comes easy as you think

@reverseengineer101

My write (M0habozaid) up got the third place in best write ups

https://bugology.intigriti.io/intigriti-monthly-challenges/1125

Happy to share with that I have completed Try Hack Me -THM- advent of cyber security for 2025 and officially certified