Hacking with Hermes and WSL Containers
Agentic pentesting with Hermes Agent + WSL Containers on Windows. In this demo I train an AI agent against a TryHackMe box using Kali over WSLC — no Docker MCP stack required — with authorized engagement scope, VPN, and live tool use. Watch Hermes spin up a Kali container, run recon and exploitation, recover from model stalls, and capture flags while I break down the WSL Containers workflow that replaced my older MCP setup. 🏰 CHANNEL YouTube: / @timsonner Content: cybersecurity, networking, AI, software development ⏱️ TIMESTAMPS 00:00 - Intro & what we’re building 01:30 - Workflow overview: Hermes + WSL Containers 03:00 - Connect TryHackMe VPN (OpenVPN) 05:00 - Kick off an authorized pentest engagement 08:00 - Scope, goals, and the “authorized testing” prompt 11:00 - WSLC spin-up: Kali container on Windows 14:00 - Privileged/session containers & network adapter control 17:30 - Why this beats Docker MCP servers 20:30 - Live agent work: tool installs, recon, brute-force pitfalls 24:00 - Model comparison notes (Codex vs Sonnet-class models) 28:00 - Fresh session, engagement IDs, skill repo load 32:00 - Parallel agents against the same target 36:00 - Path to user flag (command injection / usurping web paths) 40:00 - Privilege escalation, stego, credentials, root path 44:30 - Windows Defender exclusions for agent skill repos 47:00 - Takeaways: train agents on boxes, iterate skills 48:30 - Outro ⚙️ STACK & SETUP Agent: Hermes Agent Runtime: Windows + WSL Containers (WSLC) / Kali container Lab: TryHackMe (authorized practice environment) Access: OpenVPN to THM network Skills: custom agent skills for pentest engagements, tool install, OPSEC/Defender exclusions https://github.com/timsonner/agent-sk... Models discussed: GPT-class Codex runs vs Sonnet/Opus-class long-horizon runs 🎵 CREDITS & BRANDING Channel branding: Timsonner (16-bit gothic aesthetic) Educational CTF-style lab — not production/client typing without authorization ⚠️ DISCLAIMER All testing shown is against systems you’re authorized to assess (lab/CTF only). Do not run these techniques against systems without explicit written permission. Follow local law and platform rules. #hermesagent #agenticpentesting #wslcontainers #tryhackme #kali linux #cybersecurity #aiagents #ctf #pentesting #windows #docker #devopssecurity #ai

The World's Most Important Machine

HERMES AGENT FULL COURSE 3 HOURS: Build & Sell (2026)

How to Actually Build Mobile Apps with AI in 2026 | A Complete Beginner's Tutorial

Attacking AI - Jason Haddix - NDC Security 2026

Complete Terraform Course - From BEGINNER to PRO! (Learn Infrastructure as Code)

Guide to Agentic AI – Build a Python Coding Agent with Gemini

Something is jamming GPS over Europe. Here's what we found

He Built a Privacy Tool. Now He’s Going to Prison.

資安駭客親自解答網友疑問!Google 是史上最強駭客工具?曾靠假證件攻破銀行機房|名人專業問答|GQ Taiwan

100 hours of Hermes Agent lessons in 19 minutes

Creator of C++: Bell Labs, Negative Overhead Abstraction, Mistakes | Bjarne Stroustrup

OpenClaw vs Hermes Agent (Don’t choose WRONG!)

OpenClaw: The Viral AI Agent that Broke the Internet - Peter Steinberger | Lex Fridman Podcast #491

TanStack Start Full Course 2026 | Build and Deploy a Full Stack Application

Learn RAG From Scratch – Python AI Tutorial from a LangChain Engineer

How to Turn Hermes Agent Into a Beast (The 6 Stages)

How I use LLMs

Jfrog | Jfrog Artifactory | Jfrog Artifactory Tutorial | Artifactory Tutorial | Intellipaat

Complete GitHub Actions Course - From BEGINNER to PRO

