The best Hacker News stories from Show from the past day
Latest posts:
Show HN: Simply Reading Analog Gauges – GPT4, CogVLM Can't
Show HN: Vx.dev – GitHub-Powered AI for effortless development
Show HN: OpenPledge – Make a career with Open Source contributions
Hey!<p>As a full-stack developer involved in world of open source, I've often encountered valuable repositories with solutions to my problems, only to find them abandoned for years. Faced with the dilemma of contributing to such projects during work hours, I thought of a solution.<p>That's when the concept of OpenPledge was born — a web platform designed to address this very issue by allowing users (or corporations) to financially support specific open source issues. Imagine, no more abandoned projects, and developers passionate about contributing to open source can now do so more seamlessly and as a full time job.<p>OpenPledge has secured investment, and we're set to launch in February. Join us in shaping the future of open source sustainability.<p>Share your ideas, be an early adopter, and contribute to a thriving open source community.
Visit <a href="https://openpledge.io?source=hn2" rel="nofollow">https://openpledge.io?source=hn2</a> now!
Show HN: Pfuzz, a web fuzzer following the Unix philosophy
I recently dipped my toes into bug bounty hunting and finding security flaws in web applications. As a friend of UNIX shells I was building a repertoire of command line tools to make and analyze HTTP requests. Fortunately there are already many suitable tools like curl, jq, different fuzzers and some really nice tools for specific tasks by Tom Hudson [1].<p>However, I disliked that the existing fuzzers were monoliths where I had no easy way of creating custom behavior or analyses. They commonly do a multitude of things: Create multiple requests using one or more wordlist, sending the request, possibly with rate limiting, displaying progress, applying filters to the received responses and storing the output. If you want something different from the offered features, for example custom delays between requests or a new filter for the responses, your only option is to dig into a moderately large code base and try to adapt it to your needs.<p>I am a fan of the UNIX philosophy and felt like it could help out here. If there was a common format for communicating HTTP requests and responses, an ecosystem of small, specialized tools could use it to work together and fulfill tasks like fuzzing, while allowing the user to easily create custom behavior by combining the existing tools in different ways or adding small, quick to write tools to the ecosystem.<p>This is what I've attempted with the httpipe format [2]. It is a line based JSON format for exchanging HTTP requests and responses. I have also built some first tools using this format, namely pfuzz [3] for creating HTTP requests from wordlists, preq [4] for sending HTTP requests and receiving their responses and hpstat [5] for filtering the responses by their HTTP status codes. Since it's a line based format, many UNIX tools can be used with it as well and since each line is JSON, jq can also be used for manipulation, filtering and displaying.<p>[1] <a href="https://github.com/tomnomnom">https://github.com/tomnomnom</a><p>[2] <a href="https://github.com/codesoap/httpipe">https://github.com/codesoap/httpipe</a><p>[3] <a href="https://github.com/codesoap/pfuzz">https://github.com/codesoap/pfuzz</a><p>[4] <a href="https://github.com/codesoap/preq">https://github.com/codesoap/preq</a><p>[5] <a href="https://github.com/codesoap/hpstat">https://github.com/codesoap/hpstat</a>
Show HN: Pfuzz, a web fuzzer following the Unix philosophy
I recently dipped my toes into bug bounty hunting and finding security flaws in web applications. As a friend of UNIX shells I was building a repertoire of command line tools to make and analyze HTTP requests. Fortunately there are already many suitable tools like curl, jq, different fuzzers and some really nice tools for specific tasks by Tom Hudson [1].<p>However, I disliked that the existing fuzzers were monoliths where I had no easy way of creating custom behavior or analyses. They commonly do a multitude of things: Create multiple requests using one or more wordlist, sending the request, possibly with rate limiting, displaying progress, applying filters to the received responses and storing the output. If you want something different from the offered features, for example custom delays between requests or a new filter for the responses, your only option is to dig into a moderately large code base and try to adapt it to your needs.<p>I am a fan of the UNIX philosophy and felt like it could help out here. If there was a common format for communicating HTTP requests and responses, an ecosystem of small, specialized tools could use it to work together and fulfill tasks like fuzzing, while allowing the user to easily create custom behavior by combining the existing tools in different ways or adding small, quick to write tools to the ecosystem.<p>This is what I've attempted with the httpipe format [2]. It is a line based JSON format for exchanging HTTP requests and responses. I have also built some first tools using this format, namely pfuzz [3] for creating HTTP requests from wordlists, preq [4] for sending HTTP requests and receiving their responses and hpstat [5] for filtering the responses by their HTTP status codes. Since it's a line based format, many UNIX tools can be used with it as well and since each line is JSON, jq can also be used for manipulation, filtering and displaying.<p>[1] <a href="https://github.com/tomnomnom">https://github.com/tomnomnom</a><p>[2] <a href="https://github.com/codesoap/httpipe">https://github.com/codesoap/httpipe</a><p>[3] <a href="https://github.com/codesoap/pfuzz">https://github.com/codesoap/pfuzz</a><p>[4] <a href="https://github.com/codesoap/preq">https://github.com/codesoap/preq</a><p>[5] <a href="https://github.com/codesoap/hpstat">https://github.com/codesoap/hpstat</a>
Show HN: Pfuzz, a web fuzzer following the Unix philosophy
I recently dipped my toes into bug bounty hunting and finding security flaws in web applications. As a friend of UNIX shells I was building a repertoire of command line tools to make and analyze HTTP requests. Fortunately there are already many suitable tools like curl, jq, different fuzzers and some really nice tools for specific tasks by Tom Hudson [1].<p>However, I disliked that the existing fuzzers were monoliths where I had no easy way of creating custom behavior or analyses. They commonly do a multitude of things: Create multiple requests using one or more wordlist, sending the request, possibly with rate limiting, displaying progress, applying filters to the received responses and storing the output. If you want something different from the offered features, for example custom delays between requests or a new filter for the responses, your only option is to dig into a moderately large code base and try to adapt it to your needs.<p>I am a fan of the UNIX philosophy and felt like it could help out here. If there was a common format for communicating HTTP requests and responses, an ecosystem of small, specialized tools could use it to work together and fulfill tasks like fuzzing, while allowing the user to easily create custom behavior by combining the existing tools in different ways or adding small, quick to write tools to the ecosystem.<p>This is what I've attempted with the httpipe format [2]. It is a line based JSON format for exchanging HTTP requests and responses. I have also built some first tools using this format, namely pfuzz [3] for creating HTTP requests from wordlists, preq [4] for sending HTTP requests and receiving their responses and hpstat [5] for filtering the responses by their HTTP status codes. Since it's a line based format, many UNIX tools can be used with it as well and since each line is JSON, jq can also be used for manipulation, filtering and displaying.<p>[1] <a href="https://github.com/tomnomnom">https://github.com/tomnomnom</a><p>[2] <a href="https://github.com/codesoap/httpipe">https://github.com/codesoap/httpipe</a><p>[3] <a href="https://github.com/codesoap/pfuzz">https://github.com/codesoap/pfuzz</a><p>[4] <a href="https://github.com/codesoap/preq">https://github.com/codesoap/preq</a><p>[5] <a href="https://github.com/codesoap/hpstat">https://github.com/codesoap/hpstat</a>
Show HN: Nutrient insights through your grocery receipts
Nutri is still in beta and the GPT-powered results are sometimes inaccurate. The nutrient information accuracy is good to get an overview, but there are still outliers at times. I'm looking to improve the accuracy through food databases. Furthermore, I'd like to add additional tips for combining / preparing food to improve its nutritional value. For example, iron absorption is improved through vitamin C, so combine chickpeas or leafy greens with lemon. Or combine beans with rice to get all amino acids.<p>On the UX side, I'd like to integrate a QR code on the desktop version to easily upload receipts through the phone. Furthermore, it would be great to have analytics over weeks on nutrient improvements over time. Nutri could also be a great accountability partner to track items high in sugar / processed foods.<p>What do you think?
Show HN: Nutrient insights through your grocery receipts
Nutri is still in beta and the GPT-powered results are sometimes inaccurate. The nutrient information accuracy is good to get an overview, but there are still outliers at times. I'm looking to improve the accuracy through food databases. Furthermore, I'd like to add additional tips for combining / preparing food to improve its nutritional value. For example, iron absorption is improved through vitamin C, so combine chickpeas or leafy greens with lemon. Or combine beans with rice to get all amino acids.<p>On the UX side, I'd like to integrate a QR code on the desktop version to easily upload receipts through the phone. Furthermore, it would be great to have analytics over weeks on nutrient improvements over time. Nutri could also be a great accountability partner to track items high in sugar / processed foods.<p>What do you think?
Show HN: Nutrient insights through your grocery receipts
Nutri is still in beta and the GPT-powered results are sometimes inaccurate. The nutrient information accuracy is good to get an overview, but there are still outliers at times. I'm looking to improve the accuracy through food databases. Furthermore, I'd like to add additional tips for combining / preparing food to improve its nutritional value. For example, iron absorption is improved through vitamin C, so combine chickpeas or leafy greens with lemon. Or combine beans with rice to get all amino acids.<p>On the UX side, I'd like to integrate a QR code on the desktop version to easily upload receipts through the phone. Furthermore, it would be great to have analytics over weeks on nutrient improvements over time. Nutri could also be a great accountability partner to track items high in sugar / processed foods.<p>What do you think?
Show HN: I made an app people call "Airdrop for Android"
Show HN: I made an app people call "Airdrop for Android"
Show HN: We built a multimodal AI interviewer for mock system design interviews
Hey HN! We’re Jared, Shreyas, and Varun the creators of TechInterviewer. We’re building a product for software engineers to go through an entirely simulated systems design interview. Our AI interviewer, Steve, gives you a prompt and you talk out loud and draw on a whiteboard while Steve guides you through the interview and gives real-time feedback. Check out our demo:<p><a href="https://app.techinterviewer.ai" rel="nofollow">https://app.techinterviewer.ai</a><p>Every software engineer today has to prepare for systems design interviews and have two awful options: pay hundreds of dollars for a single session with a FAANG engineer or follow silently alongside a YouTube playlist. Because there is no instant feedback while practicing, engineers often learn about their most important knowledge gaps during the course of the interview loop.<p>Jared and Shreyas are both senior engineers who have spent 1000s of hours preparing for and administering systems design interviews. Shreyas was an early engineer at Deepgram and spent many years tracking developments in the TTS (text to speech) space. He realized that voice interviews had potential to change the candidate experience when he starting using chatGPT to prepare for interviewing founding engineer candidates at his startup.<p>We’re hoping that having easy access to interview feedback will level the playing field of software engineers at different skill levels. We’re really excited to share this with you all and we’d love any thoughts, feedback, and comments
Show HN: Roundtable – Survey fraud and bot detection API
Hi HN, we're Mayank and Matt of Roundtable (<a href="https://www.roundtable.ai">https://www.roundtable.ai</a>). We launched our Survey Simulator as part of YC S23 (see Launch HN: <a href="https://news.ycombinator.com/item?id=36865625">https://news.ycombinator.com/item?id=36865625</a>), and ultimately decided to pivot because we couldn't convince users to trust our results and our value proposition wasn't clear.<p>We conducted tons of user discovery interviews, and a lot of big players talked about the pain of manual QC and bot detection. We launched a survey fraud and bot detection API (Alias; docs.roundtable.ai) that determines whether a bot is answering your survey or not. Our API embeds Javascript into survey programs (Forsta, Qualtrics, jsPsych, etc.) to track user behavior and make a judgment on whether the data is from a high-quality participant.<p>You can use our demo, and try to break it, here: <a href="https://www.roundtable.ai/hn-demo">https://www.roundtable.ai/hn-demo</a>. See if you can generate LLM-based text without any flags going off! Feedback welcome!
Show HN: I built presently.live for better weekend planning and insights
Hi HN , my partner and I were looking for easier answers to our weekend planning ritual, such as:<p>- When is our next free weekend?
- What weekend activities have we got planned?
- How busy/available are we to travel / host?<p>Especially at the start of each year, when we're trying to plan flights and/or commit to hosting friends & family visits, I struggled to find a usable overview of multiple months that wasn't cluttered with weekdays. Our social events are overwhelmingly centered around weekends and we wanted a view of the year ahead that reflected that.<p>How about just a line of 52 boxes, one per weekend ahead, shaded differently whether it was free or maybe busy or definitely busy? That was the initial sketch on a napkin that lead to a first proof of concept script that I ran locally.<p>Now, it's a webapp* that reads from our calendars (Google only for now, sorry) to visually summarise weekends - all with readonly access. I've since added some calendar-write features from there ("pro" version, completely free) as our lives become busier with a dog, and parenthood more recently. Features like event templates, summarising events by hashtags, flagging draft/unconfirmed events etc.<p>We've been using it to scratch our own planning itches for some years now already, and I'm sharing here now in case it can be useful for others. Even better if you have any feedback.<p>What / how have you hacked to get clearer and direct insights into your time?<p>I think time management and calendars have been lacking a UX overhaul for a long long time so it's a space I'm passionate about tinkering within.<p>*stack is Nuxt 3, backed by Supabase, hosted on Cloudflare Pages.
Show HN: I built presently.live for better weekend planning and insights
Hi HN , my partner and I were looking for easier answers to our weekend planning ritual, such as:<p>- When is our next free weekend?
- What weekend activities have we got planned?
- How busy/available are we to travel / host?<p>Especially at the start of each year, when we're trying to plan flights and/or commit to hosting friends & family visits, I struggled to find a usable overview of multiple months that wasn't cluttered with weekdays. Our social events are overwhelmingly centered around weekends and we wanted a view of the year ahead that reflected that.<p>How about just a line of 52 boxes, one per weekend ahead, shaded differently whether it was free or maybe busy or definitely busy? That was the initial sketch on a napkin that lead to a first proof of concept script that I ran locally.<p>Now, it's a webapp* that reads from our calendars (Google only for now, sorry) to visually summarise weekends - all with readonly access. I've since added some calendar-write features from there ("pro" version, completely free) as our lives become busier with a dog, and parenthood more recently. Features like event templates, summarising events by hashtags, flagging draft/unconfirmed events etc.<p>We've been using it to scratch our own planning itches for some years now already, and I'm sharing here now in case it can be useful for others. Even better if you have any feedback.<p>What / how have you hacked to get clearer and direct insights into your time?<p>I think time management and calendars have been lacking a UX overhaul for a long long time so it's a space I'm passionate about tinkering within.<p>*stack is Nuxt 3, backed by Supabase, hosted on Cloudflare Pages.
Show HN: Checkmate Champ – a training tool for chess tactics
Show HN: Checkmate Champ – a training tool for chess tactics
Show HN: Checkmate Champ – a training tool for chess tactics
Show HN: Checkmate Champ – a training tool for chess tactics