Hacker Sidekick Blog https://hackersidekick.com/blog.html Insights, tutorials, product demos, and platform updates from Hacker Sidekick—the AI assistant and integrated hacking environment built for cybersecurity professionals. en-us Copyright 2025–2026 Hacker Sidekick. All rights reserved. info@hackersidekick.com (Hacker Sidekick) info@hackersidekick.com (Hacker Sidekick) Wed, 20 May 2026 12:00:00 +0000 Wed, 20 May 2026 00:00:00 +0000 1440 https://www.rssboard.org/rss-specification Hacker Sidekick static site (manual) https://hackersidekick.com/images/hackersidekick-logo.png Hacker Sidekick Blog https://hackersidekick.com/blog.html 260 60 Hacker Sidekick Copyright 2025–2026 Hacker Sidekick en info@hackersidekick.com Hacker Sidekick Update: Smarter Models, Workspace Indexing, and Dozens of Threat Intel Tools https://hackersidekick.com/hacker-sidekick-update-smarter-models-local-code-search-threat-intel.html https://hackersidekick.com/hacker-sidekick-update-smarter-models-local-code-search-threat-intel.html Wed, 20 May 2026 00:00:00 +0000 Automatic model routing for offensive security, workspace indexing with hsk-emb embeddings, auto top-up billing, and dozens of threat intelligence MCP tools ship in the latest Hacker Sidekick update. Platform Update Hacker Sidekick 2026-05-20T00:00:00Z model routing, workspace indexing, threat intelligence, MCP, auto top-up, hsk-emb Hacker Sidekick Workspace Indexing settings Platform update: workspace indexing, model routing, auto top-up billing, and built-in threat intelligence MCP tools. Hacker Sidekick Workspace Indexing settings

Model routing for offensive security, workspace indexing, auto top-up billing, and dozens of threat intel MCP tools—now in Hacker Sidekick.

Tags: model routing, workspace indexing, threat intelligence, MCP, auto top-up, hsk-emb

Read the full article

]]> Hacker Sidekick Achieves Remote Code Execution on n8n with CVE-2026-21858 https://hackersidekick.com/hacker-sidekick-cve-2026-21858-n8n-rce.html https://hackersidekick.com/hacker-sidekick-cve-2026-21858-n8n-rce.html Wed, 14 May 2026 00:00:00 +0000 One prompt, no guidance: Hacker Sidekick built a PoC for CVE-2026-21858, mapped file read to RCE on n8n, validated vulnerable vs patched Docker targets, and documented the full chain. Watch the session on video. Product Demo Hacker Sidekick 2026-05-14T00:00:00Z CVE-2026-21858, n8n, Form Trigger, exploit development, remote code execution Hacker Sidekick CVE-2026-21858 n8n exploit development session Recorded session: PoC, Docker lab validation, file-read to RCE chain, and technical report for CVE-2026-21858 on n8n. Hacker Sidekick CVE-2026-21858 n8n exploit development session

One prompt, no guidance: Hacker Sidekick built a PoC for CVE-2026-21858, mapped file read to RCE on n8n, validated vulnerable vs patched Docker targets, and documented the full chain—with failures on camera.

Tags: CVE-2026-21858, n8n, Form Trigger, exploit development, remote code execution, video

Read the full article

]]> Exploiting a 4-Day-Old CVE with Hacker Sidekick in 40 Minutes https://hackersidekick.com/exploiting-four-day-old-cve-hacker-sidekick-40-minutes.html https://hackersidekick.com/exploiting-four-day-old-cve-hacker-sidekick-40-minutes.html Sat, 09 May 2026 00:00:00 +0000 Watch the full session: Hacker Sidekick researched CVE-2026-23918, built a Docker lab, delivered a Python PoC, explored RCE, validated patched vs vulnerable targets, and wrote detection guidance—in about forty minutes, one prompt. Product Demo Hacker Sidekick 2026-05-09T00:00:00Z CVE-2026-23918, Apache httpd, mod_http2, exploit development, AI security research CVE-2026-23918 exploit development with Hacker Sidekick Full recorded session from one prompt to PoC, lab, validation, and technical report. CVE-2026-23918 exploit development with Hacker Sidekick

Watch the full session: one prompt, no follow-ups—CVE-2026-23918 research, Docker lab, Python PoC, RCE exploration, validation harness, and a technical report with detection guidance in about forty minutes.

Tags: CVE-2026-23918, Apache httpd, mod_http2, exploit development, video

Read the full article

]]> The Desktop, the Server, and What We Mean by "Fusion" https://hackersidekick.com/the-desktop-the-server-and-fusion.html https://hackersidekick.com/the-desktop-the-server-and-fusion.html Tue, 28 Apr 2026 00:00:00 +0000 Hacker Sidekick started as a web app on Open WebUI. The desktop is where work happens; the enterprise fusion server is the organizational backbone. How the pieces fit together. Platform Hacker Sidekick 2026-04-28T00:00:00Z fusion server, enterprise, desktop, Open WebUI, cybersecurity Hacker Sidekick desktop and fusion server architecture How the desktop, enterprise fusion server, and Open WebUI roots fit together for security teams. Hacker Sidekick desktop and fusion server

From our Open WebUI web app to the new desktop and the enterprise fusion server: how the pieces fit, what "fusion" means, and which path is right for you.

Tags: Hacker Sidekick, Enterprise, Fusion, Desktop, Security, Open WebUI

Read the full article

]]> What We've Been Building https://hackersidekick.com/what-weve-been-building.html https://hackersidekick.com/what-weve-been-building.html Thu, 23 Apr 2026 00:00:00 +0000 Now that we're posting again: the past eighteen months—from frustration with LLM guardrails to the Hacker Sidekick desktop app, and why it matters. Company Hacker Sidekick 2026-04-23T00:00:00Z Hacker Sidekick, IHE, integrated hacking environment, Open WebUI, desktop What we've been building at Hacker Sidekick Hacker Sidekick logo on a laptop covered in cybersecurity and conference stickers. Hacker Sidekick logo on a laptop covered in cybersecurity and conference stickers

Now that we're posting again: the past eighteen months—how Hacker Sidekick started, the Open WebUI rebuild, conference feedback, enterprise and desktop, Chicago workshops, the Cyphercon sprint, and why the IHE is the product.

Tags: Hacker Sidekick, IHE, Product, Company Update

Read the full article

]]> Introducing the new Hacker Sidekick - an integrated hacking environment https://hackersidekick.com/hacker-sidekick-desktop-ihe-announcement.html https://hackersidekick.com/hacker-sidekick-desktop-ihe-announcement.html Tue, 14 Apr 2026 00:00:00 +0000 Introducing the new Hacker Sidekick: the public web chat experience is going away in favor of the desktop app—an integrated hacking environment for security work. Enterprise deployments remain as the fusion backend. Platform Updates Hacker Sidekick 2026-04-14T00:00:00Z integrated hacking environment, desktop security, agentic AI, offensive security Hacker Sidekick desktop integrated hacking environment Introducing the Hacker Sidekick desktop IHE and enterprise fusion backend architecture. Hacker Sidekick desktop integrated hacking environment

What an integrated hacking environment is, why the public web chat experience is going away in favor of Hacker Sidekick on the desktop, and how enterprise deployments keep their web tier as the fusion backend—integrations and org knowledge feeding one platform for the agentic desktop app.

Tags: Hacker Sidekick, Desktop, Agentic AI, Platform Update

Read the full article

]]> From Defcon Podium to Product Feedback - How Sanaan Used Hacker Sidekick to Win Adversary Wars https://hackersidekick.com/sanaan-defcon-adversary-wars-win.html https://hackersidekick.com/sanaan-defcon-adversary-wars-win.html Sat, 29 Nov 2025 00:00:00 +0000 At DEFCON 33, Sanaan and his team used Hacker Sidekick during Adversary Wars and secured first place. Learn how Hacker Sidekick helped them excel at binary reversing and CTF challenges. Community Hacker Sidekick 2025-11-29T00:00:00Z DEFCON, CTF, Adversary Wars, binary reversing, capture the flag Sanaan wins Adversary Wars at DEFCON 33 with Hacker Sidekick Community success story from DEFCON 33 Adversary Wars. Sanaan wins Adversary Wars at DEFCON 33 with Hacker Sidekick

At DEFCON 33, Sanaan and his team used Hacker Sidekick during Adversary Wars and secured first place. Learn how Hacker Sidekick helped them excel at binary reversing and CTF challenges.

Tags: CTF, Community, DEFCON, Success Story

Read the full article

]]> Introducing the CTF Win Bounty Program: Win up to $1,000 for First Place https://hackersidekick.com/win-bounty-blog.html https://hackersidekick.com/win-bounty-blog.html Fri, 15 Aug 2025 00:00:00 +0000 Hacker Sidekick is launching a CTF Win Bounty program where first place at select CTFs can win up to $1,000. Apply now or meet us at conferences. Community Hacker Sidekick 2025-08-15T00:00:00Z CTF, win bounty, capture the flag, hacking competition, cybersecurity bounty Hacker Sidekick CTF Win Bounty program We're excited to launch the Hacker Sidekick CTF Win Bounty program—win up to $1,000 for first place at select CTFs. Meet us at conferences or apply now.

Tags: CTF, Community, Bounties

Read the full article · Program details

]]> Game-Changing Intelligence: MITRE ATT&CK, Exploit-DB & EPSS Scoring Now Live https://hackersidekick.com/cybersecurity-intelligence-tools-announcement.html https://hackersidekick.com/cybersecurity-intelligence-tools-announcement.html Sun, 03 Aug 2025 00:00:00 +0000 Revolutionary cybersecurity intelligence expansion with three powerful new tools: MITRE ATT&CK threat mapping, Exploit-DB vulnerability research, and EPSS risk scoring. Transform your threat intelligence and vulnerability management workflows. Platform Updates Hacker Sidekick 2025-08-03T00:00:00Z MITRE ATT&CK, Exploit-DB, EPSS, threat intelligence, vulnerability management Hacker Sidekick cybersecurity intelligence tools Revolutionary cybersecurity intelligence expansion with three powerful new tools: MITRE ATT&CK threat mapping, Exploit-DB vulnerability research, and EPSS risk scoring. Transform your threat intelligence and vulnerability management workflows with industry-standard frameworks.

Tags: Platform Updates, Intelligence Tools, MITRE ATT&CK, Exploit-DB, EPSS

Read the full article

]]> Hacker Sidekick Expands Arsenal: 6 New Security Tool Integrations Now Live https://hackersidekick.com/new-tool-integrations-announcement.html https://hackersidekick.com/new-tool-integrations-announcement.html Thu, 17 Jul 2025 00:00:00 +0000 Major platform expansion with 6 powerful new security tool integrations including the complete Shodan suite, Certificate Transparency, AbuseIPDB, and Have I Been Pwned. Enhanced reconnaissance and threat intelligence now available. Platform Updates Hacker Sidekick 2025-07-17T00:00:00Z Shodan, Certificate Transparency, AbuseIPDB, Have I Been Pwned, threat intelligence Hacker Sidekick new security tool integrations Major platform expansion with 6 powerful new security tool integrations including the complete Shodan suite, Certificate Transparency, AbuseIPDB, and Have I Been Pwned. Enhanced reconnaissance, threat intelligence, and security research capabilities now available to all users.

Tags: Platform Updates, Tool Integrations, Shodan, Threat Intelligence

Read the full article

]]> Ensuring Strict Data Separation with Hacker Sidekick's Private LLM Deployments https://hackersidekick.com/ensuring-strict-data-separation-with-private-llm-deployments.html https://hackersidekick.com/ensuring-strict-data-separation-with-private-llm-deployments.html Fri, 04 Jul 2025 00:00:00 +0000 Learn how Hacker Sidekick's private LLM deployments guarantee complete data isolation for cybersecurity teams. Zero data sharing, full compliance, and enterprise-grade privacy for sensitive security operations. Security Hacker Sidekick 2025-07-04T00:00:00Z private LLM deployment, data separation, cybersecurity privacy, enterprise LLM security Hacker Sidekick private LLM deployments Learn how Hacker Sidekick's private LLM deployments guarantee complete data isolation for cybersecurity teams. Zero data sharing, full compliance, and enterprise-grade privacy for sensitive security operations.

Tags: Data Privacy, LLM Security, Enterprise AI, Cybersecurity

Read the full article

]]> Why Cybersecurity Needs Domain-Specific LLMs: The Technical Case https://hackersidekick.com/why-cybersecurity-needs-domain-specific-llms.html https://hackersidekick.com/why-cybersecurity-needs-domain-specific-llms.html Mon, 23 Jun 2025 00:00:00 +0000 General-purpose AI models lack the specialized knowledge, context, and safety constraints required for effective cybersecurity operations. Explore why purpose-built models like Hacker Sidekick deliver superior results. Technical Analysis Hacker Sidekick 2025-06-23T00:00:00Z domain-specific LLMs, cybersecurity AI, ChatGPT limitations, penetration testing Why cybersecurity needs domain-specific LLMs General-purpose AI models lack the specialized knowledge, context, and safety constraints required for effective cybersecurity operations. Explore the technical limitations of ChatGPT and Claude in security contexts, and why purpose-built models like Hacker Sidekick deliver superior results for vulnerability analysis, threat detection, and security research.

Tags: AI, Cybersecurity, LLMs, Penetration Testing, Security Automation

Read the full article

]]> Agentic Hacking in VS Code with Roo Code + Hacker Sidekick https://hackersidekick.com/turbo-charge-vs-code-with-roo-code.html https://hackersidekick.com/turbo-charge-vs-code-with-roo-code.html Thu, 19 Jun 2025 00:00:00 +0000 Transform VS Code into an AI-powered offensive security platform. Enable AI-powered agentic workflows for penetration testing, exploit development, and advanced attack simulations. Complete setup guide in 5 minutes. Tutorial Hacker Sidekick 2025-06-19T00:00:00Z VS Code, Roo Code, agentic hacking, cybersecurity AI, penetration testing Agentic hacking in VS Code with Roo Code and Hacker Sidekick Transform VS Code into an AI-powered offensive security platform. Learn how to enable AI-powered penetration testing workflows, crack hashes, gain root access, and execute complex attack chains using AI agents under your control.

Tags: VS Code, Roo Code, Agentic Hacking, Cybersecurity, AI

Read the full article

]]>