Hacker News
by throwawaygo 1298 days ago
This is the new threat vector. AI copy pasta. Gonna make pen test research way more fun. Just describe the website you’re at and read the source code.

Can it work to identify vulnerabilities? For instance, if you feed it code and ask it to find the vulnerability and provide a description of the issue?
Kind of; here's a couple of (somewhat related) examples:

- Solidity contract bug: https://twitter.com/gf_256/status/1598104835848798208?s=20

- Simple JS bug: https://twitter.com/bentossell/status/1598269697371185153?s=...

- Buffer overflow (though ChatGPT generated this one as a code example, and explains it): https://twitter.com/bentossell/status/1598269719202521088?s=...

- Explaining worst case bubble sort: https://twitter.com/bentossell/status/1598269721882681344?s=...

- Fixing a Kubernetes file: https://twitter.com/PhilipZe9/status/1598303853719560196?s=2...

"in the style of a fast-talkin' wise guy from a 1940's gangster movie" is hilarious - I'm going to steal this and try other things to see what it gets me
Here's a relatively simple example where it identifies and explains a buffer overflow: https://twitter.com/moyix/status/1598081204846489600
That will lower the barrier to entry for attackers. The script kiddy equivalent of the AI age.