Forwarded from Sys-Admin InfoSec
Open BLD DNS Updating News: New BLD release, New tools and more
I'm happy to present new Open BLD release which is already in production 🎉
🌴 Stabilities and Updates:
• Atomizing/Micro-servicing: Different server BLD infrastructure roles
• Alerting coverage: Local and remote BLD services
• Caching: Redis to KeyDB partially changes/migrations
• Caching: Sync caching between different BLD role servers
• Configurable: Minimum TLS version can be setup through config file
• Configurable: Multiple configations supporting
• Configurable: Custom HTTP User Agent for DoH upstreams
• Configurable: Updated conditional Bootstrap and Upstream functionality
• Stability: Auto-recovering and Self-checking mechanisms
🧩 Tools:
• IP Reflector. IP Reflection API Service.
• Monitor.sh. Script for checking systemd unit status
• Self-cert-gen. Simple self signed certificate generator
• monit2telegram. A simple noscript to send Monit alerts using Telegram bot.
• Flex App Additions Methodology. Flow for Engineers, this methodology can be used as additional helper for 12-Factor app or can be used separetely, as standalone practice.
🦚 Agentless BLD:
BLD works without agents or any additional tools and allow to use secure and clean Internet:
• In: Browsers (Chrome, Brave, Firefox, Edge and etc)
• On: Mobile devices (Android, iOS)
• In/On: Computers or networks (Primaty/Secondary DNS)
📟 More details on official BLD site:
• https://lab.sys-adm.in
#free #bld #dns
I'm happy to present new Open BLD release which is already in production 🎉
🌴 Stabilities and Updates:
• Atomizing/Micro-servicing: Different server BLD infrastructure roles
• Alerting coverage: Local and remote BLD services
• Caching: Redis to KeyDB partially changes/migrations
• Caching: Sync caching between different BLD role servers
• Configurable: Minimum TLS version can be setup through config file
• Configurable: Multiple configations supporting
• Configurable: Custom HTTP User Agent for DoH upstreams
• Configurable: Updated conditional Bootstrap and Upstream functionality
• Stability: Auto-recovering and Self-checking mechanisms
🧩 Tools:
• IP Reflector. IP Reflection API Service.
• Monitor.sh. Script for checking systemd unit status
• Self-cert-gen. Simple self signed certificate generator
• monit2telegram. A simple noscript to send Monit alerts using Telegram bot.
• Flex App Additions Methodology. Flow for Engineers, this methodology can be used as additional helper for 12-Factor app or can be used separetely, as standalone practice.
🦚 Agentless BLD:
BLD works without agents or any additional tools and allow to use secure and clean Internet:
• In: Browsers (Chrome, Brave, Firefox, Edge and etc)
• On: Mobile devices (Android, iOS)
• In/On: Computers or networks (Primaty/Secondary DNS)
📟 More details on official BLD site:
• https://lab.sys-adm.in
#free #bld #dns
Mozilla HTTP Observatory
The Mozilla HTTP Observatory is a set of tools to analyze your website and inform you if you are utilizing the many available methods to secure it.
https://github.com/mozilla/http-observatory
#tool
The Mozilla HTTP Observatory is a set of tools to analyze your website and inform you if you are utilizing the many available methods to secure it.
https://github.com/mozilla/http-observatory
#tool
GitHub
GitHub - mozilla/http-observatory: Mozilla HTTP Observatory
Mozilla HTTP Observatory. Contribute to mozilla/http-observatory development by creating an account on GitHub.
How to reset Linux user password with Ansible
* [en] - Read
Как сменить пароль Linux пользователя при помощи Ansible
* [ru] - Читать
* [en] - Read
Как сменить пароль Linux пользователя при помощи Ansible
* [ru] - Читать
lab.sys-adm.in
Sys-Admin Laboratory
Open Sys-Admin BLD DNS - Focus on information for free with adblocking and implicit cybersecurity threat prevention.
GitHub Copilot
GitHub Copilot uses the OpenAI Codex to suggest code and entire functions in real-time, right from your editor..
https://github.com/features/copilot
GitHub Copilot uses the OpenAI Codex to suggest code and entire functions in real-time, right from your editor..
https://github.com/features/copilot
GitHub
GitHub Copilot · Your AI pair programmer
GitHub Copilot works alongside you directly in your editor, suggesting whole lines or entire functions for you.
Targeted Deanonymization via the Cache Side Channel: Attacks and Defenses
https://github.com/leakuidatorplusteam/artifacts
https://github.com/leakuidatorplusteam/artifacts
GitHub
GitHub - leakuidatorplusteam/artifacts: The Paper Artifact Availability
The Paper Artifact Availability. Contribute to leakuidatorplusteam/artifacts development by creating an account on GitHub.
AppFlowy.IO - The Open Source Alternative To Notion
You are in charge of your data and customizations.
Documentation:
* https://appflowy.gitbook.io/docs/essential-documentation/contribute-to-appflowy
Official site:
* https://www.appflowy.io
GitHub:
* https://github.com/AppFlowy-IO/appflowy
#need_ro_research
You are in charge of your data and customizations.
Documentation:
* https://appflowy.gitbook.io/docs/essential-documentation/contribute-to-appflowy
Official site:
* https://www.appflowy.io
GitHub:
* https://github.com/AppFlowy-IO/appflowy
#need_ro_research
AppFlowy
AppFlowy is the AI collaborative workspace where you achieve more without losing control of your data
Forwarded from Sys-Admin InfoSec
Open BLD DNS: Our supporter is UptimeRobot
Hey, UptimeRobot it is a very good solution for on-line monitoring tasks. I'm using UptimeRobot over than 10 years for monitoring tasks by:
- Ping availability my Blog and Forum
- HTTP(S) availability and SSL expiry reminders
- Port(s) availability for Open BLD services
- Keyword checking on web-pages
Free plan allow using UptimeRobot with 5 min. interval with notifications to email.
Now, UptimeRobot helps to Open BLD Project to reduce checking intervals to 1 min and now you can checking Open BLD status on:
• https://bld-status.sys-adm.in page.
On my own behalf, I express my deep gratitude to the UptimeRobot service, now the availability and stability of the Open BLD service has more monitoring than it was.
Hey, UptimeRobot it is a very good solution for on-line monitoring tasks. I'm using UptimeRobot over than 10 years for monitoring tasks by:
- Ping availability my Blog and Forum
- HTTP(S) availability and SSL expiry reminders
- Port(s) availability for Open BLD services
- Keyword checking on web-pages
Free plan allow using UptimeRobot with 5 min. interval with notifications to email.
Now, UptimeRobot helps to Open BLD Project to reduce checking intervals to 1 min and now you can checking Open BLD status on:
• https://bld-status.sys-adm.in page.
On my own behalf, I express my deep gratitude to the UptimeRobot service, now the availability and stability of the Open BLD service has more monitoring than it was.
What is CoreDNS?
Short concept presentation from CNCF:
https://www.cncf.io/wp-content/uploads/2020/08/Introduction-to-CoreDNS-1.pdf
Short concept presentation from CNCF:
https://www.cncf.io/wp-content/uploads/2020/08/Introduction-to-CoreDNS-1.pdf
Using Hermes’s Quicksort to run Doom: A tale of JavaScript exploitation
https://engineering.fb.com/2022/07/20/security/hermes-quicksort-to-run-doom/
https://engineering.fb.com/2022/07/20/security/hermes-quicksort-to-run-doom/
Engineering at Meta
Using Hermes’s Quicksort to run Doom: A tale of JavaScript exploitation
At Meta, our Bug Bounty program is an important element of our “defense-in-depth” approach to security. Our internal product security teams investigate every bug submission to assess its maximum po…
PART 1: How I Met Your Beacon – Overview
…During this research we will outline a number of effective strategies for hunting for beacons, supported by our BeaconHunter tool that we developed to execute these strategies and which we intend to open source in due course. In the following posts to this research, we will then step in to a number of case studies for applying these detections to a variety of both commercial and open source frameworks…:
https://www.mdsec.co.uk/2022/07/part-1-how-i-met-your-beacon-overview/
…During this research we will outline a number of effective strategies for hunting for beacons, supported by our BeaconHunter tool that we developed to execute these strategies and which we intend to open source in due course. In the following posts to this research, we will then step in to a number of case studies for applying these detections to a variety of both commercial and open source frameworks…:
https://www.mdsec.co.uk/2022/07/part-1-how-i-met-your-beacon-overview/
MDSec
PART 1: How I Met Your Beacon - Overview - MDSec
Introduction Its no secret that MDSec provides a commercial command-and-control framework with a focus on evasion for covert operations. With this in mind, we are continuously performing on-going R&D in...
Moving from NGINX to Caddy v2
https://seanchenpiano.com/pianonotes/2021/09/11/moving-from-nginx-to-caddy-v2/
https://seanchenpiano.com/pianonotes/2021/09/11/moving-from-nginx-to-caddy-v2/
pianonotes by Sean Chen
Moving from NGINX to Caddy v2
Motivation
EDIT: I had a misconfiguration that bit me in the ass recently (along with blindly updating Go to 1.17). Code below is updated.
I recently decided to try Caddy v2 for my personal home server, and had such a good and easy time with it that I…
EDIT: I had a misconfiguration that bit me in the ass recently (along with blindly updating Go to 1.17). Code below is updated.
I recently decided to try Caddy v2 for my personal home server, and had such a good and easy time with it that I…
Bolt like as Ansible alternative
Bolt is an open source orchestration tool that automates the manual work it takes to maintain your infrastructure.
* https://puppet.com/docs/bolt/latest/bolt.html
#tool
Bolt is an open source orchestration tool that automates the manual work it takes to maintain your infrastructure.
* https://puppet.com/docs/bolt/latest/bolt.html
#tool
Artillery - Cloud-scale performance testing
Very easy tool for web services benchmarking…:
* https://www.artillery.io
#tool
Very easy tool for web services benchmarking…:
* https://www.artillery.io
#tool
Artillery
Artillery · Full-stack performance & reliability testing
Keep production reliable, customers happy, and pagers silent.
2022-unit42-incident-response-report-final.pdf
3.1 MB
2022 Unit 42 Incident Response Report
Executive Summary: Every week brings news about threat actors—new campaigns, new groups, new types of attacks, new targets. Defenders can easily wind up playing catchup, but what does it take to flip the noscript?..
Big report abpout of top attacks trends and etc.
Executive Summary: Every week brings news about threat actors—new campaigns, new groups, new types of attacks, new targets. Defenders can easily wind up playing catchup, but what does it take to flip the noscript?..
Big report abpout of top attacks trends and etc.