Forget the black book… this man had a Linux home directory 🐧
FBI be like: “Why is there a .sh file??”😂😭
FBI be like: “Why is there a .sh file??”😂😭
😁7
This media is not supported in your browser
VIEW IN TELEGRAM
#buna_qurs ☕️
Not a PDF. Not theory.
A living pentesting field manual.
Learn how real attackers think, move, and chain exploits.
🔗 https://www.pentest-book.com/
@bunabytecs
Not a PDF. Not theory.
A living pentesting field manual.
Learn how real attackers think, move, and chain exploits.
🔗 https://www.pentest-book.com/
@bunabytecs
🔥11🤩1
And just like that… the doors are closed 🔐
Registration for BunaByte Junior Security Tester (BBJST) has officially ended.🔥💜
https://bunabyte.com
@bunabytecs
Registration for BunaByte Junior Security Tester (BBJST) has officially ended.🔥💜
https://bunabyte.com
@bunabytecs
😭6🔥2💔1
Ethiopia has bugs.
Hackers say they exist.
Bug bounty platform? Nowhere to be found. 🤔
@bunabytecs bunabyte.com
Hackers say they exist.
Bug bounty platform? Nowhere to be found. 🤔
@bunabytecs bunabyte.com
😁10👍2
AfroSec
I just build APTsearch a red-team–oriented search engine for APT groups & MITRE ATT&CK TTPs kinda MITRE ATT&CK lite lool :) thanks to antigravity ofc 😅 MITRE is powerful… but let’s be real, it’s also confusing APTsearch flips it into attacker logic.…
🙌 Huge shoutout to @AfroSec for building APTsearch – a game-changing, red-team–friendly MITRE ATT&CK search engine! 🔥 Truly next-level work 🚀
Check it out: APTsearch
Check it out: APTsearch
❤4🔥4🙏2
What do you think 💭
Ethiopia’s Cybersecurity Future, Do We Need More Of?
Ethiopia’s Cybersecurity Future, Do We Need More Of?
Anonymous Poll
30%
🔴 Attackers (red team)
23%
🔵 Defenders (blue team)
55%
🟣 Attacker/Defender (purple team)
😈12
🔥 Cybersecurity Students, You’re Using ChatGPT Wrong.
Most people use AI like Google.
Pros use it like a Cyber Command Center.
Let me introduce you to ChatGPT Projects.
Inside ChatGPT, Projects is a workspace that lets you:
• Group related conversations
• Upload and analyze files (PDFs, notes, noscripts)
• Maintain persistent context
• Build structured long-term workflows
• Think and plan like a professional
🧠 What This Means For You
Instead of random chats, you can create:
Think of it as:
📂 GitHub Repo
📓 Notion Workspace
🤖 AI Copilot
@bunabytecs bunabyte.com
Most people use AI like Google.
Pros use it like a Cyber Command Center.
Let me introduce you to ChatGPT Projects.
Inside ChatGPT, Projects is a workspace that lets you:
• Group related conversations
• Upload and analyze files (PDFs, notes, noscripts)
• Maintain persistent context
• Build structured long-term workflows
• Think and plan like a professional
🧠 What This Means For You
Instead of random chats, you can create:
🔐 “Metasploit Mastery” Project
Store exploit notes
Upload payload noscripts
Track vulnerable services
Build structured attack methodology
🛡 “Blue Team Roadmap” Project
Upload SOC notes
Store detection rules
Build incident response playbooks
Practice log analysis scenarios
🎯 “CPTS / TryHackMe Prep” Project
Upload room notes
Track weak areas
Create revision plans
Simulate exam-style questions
Think of it as:
📂 GitHub Repo
📓 Notion Workspace
🤖 AI Copilot
@bunabytecs bunabyte.com
✍12❤3
I tried out the new AI Agent platform called openclaw clawbot and it is wild ...
I just tell it to start hacking by my tg bot it does just that no fluff 🤯💀
Built it on virtual box kali linux and gave it permission to do and use tools inside kali. Then used a reverse proxy to expose to trusted network... Boom you have your hacking assistant
🔥 what a time to live in
Tryit: openclaw
@bunabytecs bunabyte.com
I just tell it to start hacking by my tg bot it does just that no fluff 🤯💀
Built it on virtual box kali linux and gave it permission to do and use tools inside kali. Then used a reverse proxy to expose to trusted network... Boom you have your hacking assistant
🔥 what a time to live in
Tryit: openclaw
@bunabytecs bunabyte.com
🤯5👌4❤🔥2
Buna Byte Cybersecurity
Photo
#Buna_Qurs
#Anthropic dropped a tweet about Claude Code Security and it wiped out $15 billion in cybersecurity stocks.
One tweet. $15 billion gone.
Claude Code Security reads your entire codebase the way a senior security researcher would, finds vulnerabilities hiding for years, and suggests fixes.
During testing it uncovered over 500 bugs in open-source code that survived decades of expert review.
Here's The Funny Part
Anthropic's own tweet said the tool is meant to work alongside security teams, not replace them.
The actual CISOs weren't panicking. Most of them probably thought "cool, another tool to add to the stack."
But the market didn't care. Investors saw "AI can find security vulnerabilities" and hit the exit button before anyone even tried the product.
This Keeps Happening
Every time an AI company sneezes in the direction of an established software category, investors dump billions in market cap within hours.
It doesn't matter if the product works yet. It doesn't matter if it's meant to complement existing tools. It doesn't even matter if customers want it.
The market started treating AI as a zero-sum game where anything AI touches automatically kills whatever came before it.
Watching $15 billion disappear because of a tweet is a wild reminder of how fragile these valuations are right now.
@bunabytecs
#Anthropic dropped a tweet about Claude Code Security and it wiped out $15 billion in cybersecurity stocks.
One tweet. $15 billion gone.
Claude Code Security reads your entire codebase the way a senior security researcher would, finds vulnerabilities hiding for years, and suggests fixes.
During testing it uncovered over 500 bugs in open-source code that survived decades of expert review.
Here's The Funny Part
Anthropic's own tweet said the tool is meant to work alongside security teams, not replace them.
The actual CISOs weren't panicking. Most of them probably thought "cool, another tool to add to the stack."
But the market didn't care. Investors saw "AI can find security vulnerabilities" and hit the exit button before anyone even tried the product.
This Keeps Happening
Every time an AI company sneezes in the direction of an established software category, investors dump billions in market cap within hours.
It doesn't matter if the product works yet. It doesn't matter if it's meant to complement existing tools. It doesn't even matter if customers want it.
The market started treating AI as a zero-sum game where anything AI touches automatically kills whatever came before it.
Watching $15 billion disappear because of a tweet is a wild reminder of how fragile these valuations are right now.
@bunabytecs
👍6❤1
ዓድዋ - የታሪክ እና የጽናት አርማ።
እንኳን ለ130ኛው የዓድዋ ድል በዓል አደረሳችሁ !
ትላንት በጋሻ፣ ዛሬ በቴክኖሎጂ። 🛡️💻
@bunabytecs
🌐 bunabyte.com
እንኳን ለ130ኛው የዓድዋ ድል በዓል አደረሳችሁ !
ትላንት በጋሻ፣ ዛሬ በቴክኖሎጂ። 🛡️💻
@bunabytecs
🌐 bunabyte.com
❤8🫡4👍1🤩1
🚩 picoCTF 2026 – Online Opening & Briefing Session
Interested in cybersecurity and Capture The Flag (CTF) competitions? Join our online session where we will introduce picoCTF 2026, explain how the competition works, and help you get started.
📅 Date: Saturday, March 7, 2026
⏰ Time: 11:00 AM UTC (5:00 Ethiopian Time)
💻 Format: Online
Whether you are a beginner or experienced, this session will guide you through the competition and how to participate.
🔗 Register here:
[Google Form Link]
Interested in cybersecurity and Capture The Flag (CTF) competitions? Join our online session where we will introduce picoCTF 2026, explain how the competition works, and help you get started.
📅 Date: Saturday, March 7, 2026
⏰ Time: 11:00 AM UTC (5:00 Ethiopian Time)
💻 Format: Online
Whether you are a beginner or experienced, this session will guide you through the competition and how to participate.
🔗 Register here:
[Google Form Link]
⚠️ New MongoDB Vulnerability Lets Hackers Crash Any MongoDB Server | Source
A high-severity vulnerability, CVE-2026-25611 (CVSS 7.5), has been discovered in MongoDB, allowing unauthenticated attackers to crash exposed servers using minimal bandwidth.
It affects all MongoDB versions where compression is enabled (v3.4+, on by default since v3.6), including MongoDB Atlas. An attacker can send a tiny 47KB zlib-compressed packet while claiming an uncompressed size of 48MB to crash the server.
@bunabytecs
bunabyte.com
A high-severity vulnerability, CVE-2026-25611 (CVSS 7.5), has been discovered in MongoDB, allowing unauthenticated attackers to crash exposed servers using minimal bandwidth.
It affects all MongoDB versions where compression is enabled (v3.4+, on by default since v3.6), including MongoDB Atlas. An attacker can send a tiny 47KB zlib-compressed packet while claiming an uncompressed size of 48MB to crash the server.
@bunabytecs
bunabyte.com
👍6🔥2
No more waiting!
The exclusive interview with Nathan Hailu is going to start within few mins..
Share with ur friends!
https://news.1rj.ru/str/insactc?livestream=6edb21fadfd32c4127
@insactc
The exclusive interview with Nathan Hailu is going to start within few mins..
Share with ur friends!
https://news.1rj.ru/str/insactc?livestream=6edb21fadfd32c4127
@insactc
🔥5❤2
🤣10😭3😁1