👾 Tetstack👾
93 subscribers
139 photos
1 video
3 files
38 links
Download Telegram
Good night I forgot to sleep and to study (I have a test tomorrow)
This media is not supported in your browser
VIEW IN TELEGRAM
So you guys remeber i was yapping about WAF and cloudflare so, as bypassing it is "Illegal" I will be using a real website build with cloudflare which i own but because i don't i will build a full website either with replit or whatever to test my backend and see how it works.
This media is not supported in your browser
VIEW IN TELEGRAM
So for my my fellow Arch linux users, as some AUR pkg have been compromised.

https://github.com/PicasoTheDeal/AUR-scanner

Here is my github repo for you to check if you have installed any of the npm atomic pkg or not and if the PKGBUILD have been affected
I think I know why my subscribers are not increasing that much, you all have some thing known as:

Malware Illusion Syndrome (MIS)


*(I named it)

It's a disease where you guys translate any link or app or even hello world code, into smthing I would use to hack you or put a backdoor or smth, I mean you are right to be paranoid and not trust someone online, the solution you check the link, but this happens only when they know you are into cyber security. And mainly why would I warn you if I am gonna hack you man.


MIS made you guys think what ever I send no matter what I send It's malicious, no matter how many proof I have. Maybe I will hide my cyber security stuff until atleast I reach 159 subs I guess.


⚠️ Please if you have any symptoms that shows you have MIS please go and watch a youtube video about it, or ask your AI.



Specially you Fuad, pandz.
2😁2👍1🔥1🤣1
👾 Tetstack👾
So for my my fellow Arch linux users, as some AUR pkg have been compromised. https://github.com/PicasoTheDeal/AUR-scanner Here is my github repo for you to check if you have installed any of the npm atomic pkg or not and if the PKGBUILD have been affected
Thanks to one of my friends for testing it the tool actually works so if you still have Malware Illusion Syndrome (MIS). Check the source code. And can I get stars 🌟. If you guys like it.
🔥2
I forgot I had physics and chemistry final exam today. I mean the whole book is coming but mehhh I will just revise it when I go there lol.
😁1🙏1
why is my portfolio cloned more than the AUR-threat-mitigator. You guys and MIS ...
👾 Tetstack👾
Photo
This media is not supported in your browser
VIEW IN TELEGRAM
Now this is better, and for anyone who cloned my repo thank you so much, i have updated major thing so make sure to clone it again.
Just finished class today, atlast.
Now what...?
So today's advice will be.

​Advice 3:

Stop assuming a link or a webpage is safe just because your antivirus or a VirusTotal scan gave it a clean green checkmark. Out-of-the-box browser tools like stock BeEF get absolutely smoked by modern security engines today.
But here is the real catch: custom-coded, private variants slip right past defenses. High-tier threat actors and spyware groups cook up their own hidden JavaScript hooks from scratch that look exactly like harmless tracking pixels or standard site analytics. To your privacy extensions and local EDR, it looks like normal web traffic—but the exact second you load the page, you are silently being fingerprinted and sized up.

​What gets compromised:

Your active browser session tokens, tab data, exact device specs, and potentially your entire OS if they chain it with a nasty exploit.

​How it gets weaponized:

Attackers execute what’s known as a Watering Hole attack. They don’t even send you a sketchy link; they quietly hijack a 100% legit, highly trusted website that you use every single day, injecting their custom code directly into the backend. Advanced groups have been caught doing this on trusted sites to drop zero-day exploits directly into Chrome's V8 engine. The moment a target opened that normal-looking site, the exploit shattered the browser sandbox and manipulated memory—zero downloads, zero fake popups, completely invisible.

​Conclusion:

No matter how legit a site looks on the surface, never assume the backend hasn't been secretly backdoored. Scanners will not save you from a custom-made setup. Treat your browser as a hostile perimeter: update your stuff the exact second a patch drops, and never mistake a familiar website layout for guaranteed safety.