Hacker News: doomerhunter

New comment by doomerhunter in "The coming industrialisation of exploit generation with LLMs"

doomerhunter — Mon, 19 Jan 2026 22:27:33 +0000

Both are true, the difference is the skill level of the people who use / create programs to coordinate LLMs to generate those reports.

The AI slop you see on curl's bug bounty program[1] (mostly) comes from people who are not hackers in the first place.

In the contrary persons like the author are obviously skilled in security research and will definitely send valid bugs.

Same can be said for people in my space who do build LLM-driven exploit development. In the US Xbow hired quite some skilled researchers [2] had some promising development for instance.

[1] https://hackerone.com/curl/hacktivity [2] https://xbow.com/about

New comment by doomerhunter in "Charles Proxy"

doomerhunter — Sun, 21 Dec 2025 16:27:44 +0000

My pleasure, your team is doing a great job and its good to see competition in that space, forces everyone to push forward :D

New comment by doomerhunter in "Charles Proxy"

doomerhunter — Sat, 20 Dec 2025 11:19:40 +0000

I am a Burp guy, but lately Caido[1] has been trending, pretty lightweight and can be ran in headless mode. It's still very security-oriented (as Burp Suite is), but might be worth your time, notably as you can run it on a VPS/container to proxy all your traffic through it (which is by-design, contrary to my beloved burp/zap)

[1] https://caido.io/

New comment by doomerhunter in "Gemini 3 Flash: Frontier intelligence built for speed"

doomerhunter — Wed, 17 Dec 2025 16:47:19 +0000

Pretty stoked for this model. Building a lot with "mixture of agents" / mix of models and Gemini's smaller models do feel really versatile in my opinion.

Hoping that the local ones keep progressively up (gemma-line)

New comment by doomerhunter in "Show HN: I built time to read all the things I want to"

doomerhunter — Sun, 14 Dec 2025 13:45:41 +0000

I did have a similar need. Built it around discord as a bot that would parse links and the various filetypes associated (github repos, tweets, blog posts, pdfs...) to both archive the content and extract some quality metrics / insights.

I'd say that summarizing only is a bit sad since you go away from the actual substance, but at least it helps targeting what you actually want to spend time digging into. Still a bit worried about where we are going to end up if we only read recaps of recaps of recaps (reminds of me of Fahrenheit 451 when the main character talks of books being abridged, then people reading recaps of these recaps)

New comment by doomerhunter in "Getting into public speaking"

doomerhunter — Sun, 14 Dec 2025 13:34:31 +0000

Depends on your hobbies. I'm into cybsec, there's a ton of small events where you can either be on stage (so submit a proposal), but there is often what we call "rumps" which are usually unplanned 5 minutes talks about a subject. They're a great way to practice.

Besides that, i guess schools/student groups that seek professionals. Non-profits works as well, I did that when I was younger (advocacy).

New comment by doomerhunter in "Getting into public speaking"

doomerhunter — Sun, 14 Dec 2025 13:27:49 +0000

I often tend to integrate talking passionately about a topic in my head with an imaginary interlocutor. While not directly being a rehearsal in itself, it really helps with developing ideas and chaining concepts - at least for me.

I guess everyone is different in regards to handling the pressure when talking in public, but I do agree that you can feel it, most of the time, when someone rehearsed too "scholarly".

A browser extension to monitor, intercept, and debug JavaScript sinks

doomerhunter — Sat, 13 Dec 2025 15:46:08 +0000

Article URL: https://github.com/kevin-mizu/domloggerpp

Comments URL: https://news.ycombinator.com/item?id=46255372

Points: 1

# Comments: 0

New comment by doomerhunter in "Show HN: Wirebrowser – A JavaScript debugger with breakpoint-driven heap search"

doomerhunter — Thu, 11 Dec 2025 15:54:51 +0000

Looks very cool. Wondering what the client-side security researchers will be able to find with that. A friend of mine is developping DomLoggerpp [1] notably to monitor and debug JavaScript sinks.

[1] https://github.com/kevin-mizu/domloggerpp

New comment by doomerhunter in "Launch HN: BrowserBook (YC F24) – IDE for deterministic browser automation"

doomerhunter — Thu, 11 Dec 2025 15:47:42 +0000

Interesting. Quick question in regards to the code generation : Do you dump the DOM to provide relevant context to build the automation or does the agent automatically tries to discover relevant segments (like a claude code) ?

Edit : Answered in the video, dump of a simplified version of the DOM. How is the discovery of the rest is performed ?

Super nice, can really see the use cases, even for security testing.

New comment by doomerhunter in "Show HN: I built a system for active note-taking in regular meetings like 1-1s"

doomerhunter — Tue, 09 Dec 2025 17:33:34 +0000

I'd say the most important part is to have a low-friction tool that fits within an individual's workflow. I like their tool, but i do agree on my side that a Notion with collapsible toggles works better for me, right now (alongside a nice cmd+k to teleport to the right pages)