Best of John Hammond2025

  1. 1
    Video
    Avatar of johnhammondJohn Hammond·1y

    I Backdoored Cursor AI

    The post explains how a vulnerability in Electron-based applications, like the AI code editor Cursor, can be exploited using Loki C2, a Node.js-based command and control framework. It demonstrates setting up and using Loki to backdoor Electron applications by replacing their JavaScript files, allowing for remote execution of arbitrary code. The post also discusses how to ensure the targeted application remains functional while compromised, highlighting the collaboration between the author and the developer of Loki C2.

  2. 2
    Video
    Avatar of johnhammondJohn Hammond·30w

    EVERYTHING in cybersecurity (for free)

  3. 3
    Video
    Avatar of johnhammondJohn Hammond·1y

    Finding Web App Vulnerabilities with AI

    Discover how Burp Suite's new AI features can help find web application vulnerabilities more effectively. The video demonstrates setting up and using Burp AI, a tool integrated into Burp Suite Professional, within a Kali Linux environment. By leveraging AI, the tool can automate and enhance various security testing tasks, significantly aiding in penetration testing efforts. Key capabilities include scanning for vulnerabilities, reducing false positives, and providing intelligent automation to supplement manual testing efforts.

See all John Hammond archives