Summary

Total Articles Found: 7

Top sources:

Top Keywords:

Top Authors

Top Articles:

  • Tool Release – Enumerating Docker Registries with go-pillage-registries
  • Tool Release: Sinking U-Boots with Depthcharge
  • CowCloud
  • Using Semgrep with Jupyter Notebook files
  • Tool Release – insject: A Linux Namespace Injector
  • Tool Release – shouganaiyo-loader: A Tool to Force JVM Attaches
  • Cranim: A Toolkit for Cryptographic Visualization

CowCloud

Published: 2023-05-25 17:28:41

Popularity: None

Author: nccricardomr

Keywords:

  • Tool Release
  • A common challenge technical teams (e.g. penetration testers) face is centralized deployment and pipelining execution of security tools. It is possible that at some point you have thought about customising several tools, buying their commercial licenses, and allowing a number of people to run the tools from AWS. The problem is that this means you […]

    ...more

    Using Semgrep with Jupyter Notebook files

    If you frequently deliver source code review assessments of products, including machine learning components, I’m sure you are used to reviewing Jupyter Notebook files (usually python). Although I spend most of my time reviewing the source code manually, I also use static analysis tools such as semgrep, using both public and private rules. This tool … Continue reading Using Semgrep with Jupyter Notebook files →

    ...more

    Tool Release – insject: A Linux Namespace Injector

    Published: 2022-01-08 05:20:06

    Popularity: None

    Author: Jeff Dileo

    Keywords:

  • Research
  • Tool Release
  • Virtualization, Emulation, & Containerization
  • Containers
  • injection
  • LD_PRELOAD
  • Linux namespaces
  • yolo
  • 🤖: "Linux namespace party"

    tl;dr Grab the release binary from our repo and have fun. Also, happy new year; 2021 couldn’t end soon enough. Background A while back, I was asked by one of my coworkers on the PSC team about ways in which to make their custom credit card data scanner cloud native to assess Kubernetes clusters. While … Continue reading Tool Release – insject: A Linux Namespace Injector →

    ...more

    Tool Release – shouganaiyo-loader: A Tool to Force JVM Attaches

    Published: 2021-12-29 22:38:00

    Popularity: None

    Author: Jeff Dileo

    Keywords:

  • Research
  • Tool Release
  • 🤖: "Java crashes again"

    Background Java Virtual Machines (JVMs) provide a number of mechanisms to inspect and modify the Java applications and the runtime they stand on. These include Java agents, JARs that are capable of modifying Java class files at runtime; and JVMTI agents, native libraries that can perform deep hooking into the innards of the JVM itself. … Continue reading Tool Release – shouganaiyo-loader: A Tool to Force JVM Attaches →

    ...more

    Tool Release: Sinking U-Boots with Depthcharge

    Published: 2020-07-22 16:00:49

    Popularity: 1

    Author: Jon Szymaniak

    Keywords:

  • Hardware & Embedded Systems
  • Research
  • Tool Release
  • Depthcharge
  • embedded systems
  • U-Boot
  • Depthcharge is an extensible Python 3 toolkit designed to aid security researchers when analyzing a customized, product-specific build of the U-Boot bootloader. This blog post details the motivations for Depthcharge’s creation, highlights some key features, and exemplifies its use in a “tethered jailbreak” of a smart speaker that leverages secure boot functionality. I boot, you … Continue reading Tool Release: Sinking U-Boots with Depthcharge →

    ...more

    Tool Release – Enumerating Docker Registries with go-pillage-registries

    Published: 2020-01-24 13:15:00

    Popularity: 42

    Author: jmakinenncc

    Keywords:

  • Cloud & Containerization
  • North American Research
  • Research
  • Tool Release
  • Container registry
  • Containers
  • Docker
  • Shmoocon
  • 🤖: "docker hack!"

    Introduction Containerization solutions are becoming increasingly common throughout the industry due to their vast applications in logically separating and packaging processes to run consistently across environments. Docker represents these processes as images by packaging a base filesystem and initialization instructions for the runtime environment. Developers can use common base images and instruct Docker to execute … Continue reading Tool Release – Enumerating Docker Registries with go-pillage-registries →

    ...more

    Cranim: A Toolkit for Cryptographic Visualization

    Published: 2024-05-24 19:30:00

    Popularity: None

    Author: Eli Sohl

    Keywords:

  • Cryptography
  • Resources
  • Tool Release
  • 🤖: "encrypting brains"

    Let’s kick this off with some examples. Here’s a seamless loop illustrating CBC-mode encryption: Here’s a clip showing a code block being rewritten to avoid leaking padding information in error messages: Here’s an illustration of a block cipher operating in CTS mode: You may be surprised to learn that each of these illustrations was generated […]

    ...more

    end