Alfred Berg
@berg.hf.ax
security enthusiast | space | F1 | bikes
You are in bsky.app/profile/dmnk... which is how I at least found you. One can also check clearsky.app (but that list is not updated there yet)
December 24, 2024 at 6:22 AM
You are in bsky.app/profile/dmnk... which is how I at least found you. One can also check clearsky.app (but that list is not updated there yet)
Another similar thing I recently learned is eBPF can be used to get all traffic going though openssl on a system. No CA cert needed. E.g. kyanos makes use of this github.com/hengyoush/ky...
GitHub - hengyoush/kyanos: Kyanos is a networking analysis tool based on eBPF. It can visualize the time packets spend in the kernel, capture requests/responses in command line, calculates various agg...
Kyanos is a networking analysis tool based on eBPF. It can visualize the time packets spend in the kernel, capture requests/responses in command line, calculates various aggregated metrics, makes t...
github.com
December 21, 2024 at 1:47 PM
Another similar thing I recently learned is eBPF can be used to get all traffic going though openssl on a system. No CA cert needed. E.g. kyanos makes use of this github.com/hengyoush/ky...
Reposted by Alfred Berg
If you're interested in the technical details, I wrote the blog post here: flatt.tech/research/pos...
For the further details, please check out the announcement from the OpenWrt team: lists.openwrt.org/pipermail/op... (2/2)
For the further details, please check out the announcement from the OpenWrt team: lists.openwrt.org/pipermail/op... (2/2)
Compromising OpenWrt Supply Chain via Truncated SHA-256 Collision and Command Injection
Introduction Hello, I’m RyotaK (@ryotkak ), a security engineer at Flatt Security Inc.
A few days ago, I was upgrading my home lab network, and I decided to upgrade the OpenWrt on my router.1 After ac...
flatt.tech
December 7, 2024 at 9:47 AM
If you're interested in the technical details, I wrote the blog post here: flatt.tech/research/pos...
For the further details, please check out the announcement from the OpenWrt team: lists.openwrt.org/pipermail/op... (2/2)
For the further details, please check out the announcement from the OpenWrt team: lists.openwrt.org/pipermail/op... (2/2)
Resources I have found useful for starting to develop eBPF programs:
@lizrice.com has a lot of good videos e.g. www.youtube.com/watch?v=uBqR... (the go part is a bit different if using ebpf-go)
isovalent.com/labs/ebpf-ge...
ebpf-go.dev/guides/getti...
docs.ebpf.io
www.kungfudev.com/series
@lizrice.com has a lot of good videos e.g. www.youtube.com/watch?v=uBqR... (the go part is a bit different if using ebpf-go)
isovalent.com/labs/ebpf-ge...
ebpf-go.dev/guides/getti...
docs.ebpf.io
www.kungfudev.com/series
A Beginner's Guide to eBPF Programming with Go • Liz Rice • GOTO 2021
YouTube video by GOTO Conferences
www.youtube.com
November 30, 2024 at 7:21 PM
Resources I have found useful for starting to develop eBPF programs:
@lizrice.com has a lot of good videos e.g. www.youtube.com/watch?v=uBqR... (the go part is a bit different if using ebpf-go)
isovalent.com/labs/ebpf-ge...
ebpf-go.dev/guides/getti...
docs.ebpf.io
www.kungfudev.com/series
@lizrice.com has a lot of good videos e.g. www.youtube.com/watch?v=uBqR... (the go part is a bit different if using ebpf-go)
isovalent.com/labs/ebpf-ge...
ebpf-go.dev/guides/getti...
docs.ebpf.io
www.kungfudev.com/series
eBPF could be a great tool to identify data reaching sinks when doing gray-box security assessments
e.g. find if the input is passed to some bash command, sql-query, what files does the applications try to open, get the plain text of all https requests going through openssl on the system etc.
e.g. find if the input is passed to some bash command, sql-query, what files does the applications try to open, get the plain text of all https requests going through openssl on the system etc.
November 30, 2024 at 7:19 PM
eBPF could be a great tool to identify data reaching sinks when doing gray-box security assessments
e.g. find if the input is passed to some bash command, sql-query, what files does the applications try to open, get the plain text of all https requests going through openssl on the system etc.
e.g. find if the input is passed to some bash command, sql-query, what files does the applications try to open, get the plain text of all https requests going through openssl on the system etc.
It is really good! It is also so easy to use that my dad uses it to connect to the home automation system
November 29, 2024 at 12:31 PM
It is really good! It is also so easy to use that my dad uses it to connect to the home automation system
I have started doing some bug bounty again, e.g.
support.apple.com/en-us/102774
unite.un.org/content/un-i... (technically not bug bounty, but a pretty fun one, found various DB creds and similar secrets)
support.apple.com/en-us/102774
unite.un.org/content/un-i... (technically not bug bounty, but a pretty fun one, found various DB creds and similar secrets)
November 21, 2024 at 4:55 PM
I have started doing some bug bounty again, e.g.
support.apple.com/en-us/102774
unite.un.org/content/un-i... (technically not bug bounty, but a pretty fun one, found various DB creds and similar secrets)
support.apple.com/en-us/102774
unite.un.org/content/un-i... (technically not bug bounty, but a pretty fun one, found various DB creds and similar secrets)