eBPF Observability Tools Are Not Security Tools
https://www.brendangregg.com/blog/2023-04-28/ebpf-security-issues.html
https://www.brendangregg.com/blog/2023-04-28/ebpf-security-issues.html
Brendangregg
eBPF Observability Tools Are Not Security Tools
eBPF Observability Tools Are Not Have Security Tools
Ethical Hacking in 15 Hours - 2023 Edition - Learn to Hack (Parts 1, 2)
— https://youtu.be/3FNYvj2U0HM
— https://youtu.be/sH4JCwjybGs
— https://youtu.be/3FNYvj2U0HM
— https://youtu.be/sH4JCwjybGs
YouTube
Ethical Hacking in 15 Hours - 2023 Edition - Learn to Hack! (Part 1)
TCM Security Black Friday sale is happening now through December 1st at 11:59 PM ET!
https://www.tcm.rocks/acad-y-2025 - Get 50% off your first payment to the TCM Security Academy
https://www.tcm.rocks/certs-y-2025 - Take 20% off certifications & live trainings!…
https://www.tcm.rocks/acad-y-2025 - Get 50% off your first payment to the TCM Security Academy
https://www.tcm.rocks/certs-y-2025 - Take 20% off certifications & live trainings!…
Python noscript as Systemd
example:
— https://docs.rockylinux.org/gemstones/systemd_service_for_python_noscript/
example:
— https://docs.rockylinux.org/gemstones/systemd_service_for_python_noscript/
docs.rockylinux.org
Systemd Service - Python Script - Documentation
Forwarded from Sys-Admin InfoSec
OpenBLD - Next Stage to Growth with ClouDNS
GeoDNS and Global Anycast DNS features from ClouDNS - it as a brilliant opportunity for additional OpenBLD Performance and Availability
Today ClouDNS supported OpenBLD DNS and provided own features for free:
• Anycast DNS service and Anycast GeoDNS servers
• DDoS Protection
• DNS Failover checks
• EDNS-client-subnet support
• and more...
ClouDNS providing flexible tools for managements services and very affordable pricing plans and it is I like it very much.
This can be a key milestone in the development phase of the OpenBLD project, it is a next stage for growth. I have special domain name for OpenBLD DNS project, may be it is a "that very moment"...
• All ClouDNS features you can found on ClouDNS Site
• How to protect for your self and family with OpenBLD Here
Sys-Admin Up pinned « OpenBLD - Next Stage to Growth with ClouDNS GeoDNS and Global Anycast DNS features from ClouDNS - it as a brilliant opportunity for additional OpenBLD Performance and Availability Today ClouDNS supported OpenBLD DNS and provided own features for free:…»
Coraza WAF Caddy Module
Go-written WAF module from fastest Caddy server:
— https://github.com/corazawaf/coraza-caddy
Go-written WAF module from fastest Caddy server:
— https://github.com/corazawaf/coraza-caddy
GitHub
GitHub - corazawaf/coraza-caddy: OWASP Coraza middleware for Caddy. It provides Web Application Firewall capabilities
OWASP Coraza middleware for Caddy. It provides Web Application Firewall capabilities - corazawaf/coraza-caddy
Build Your Own Face Recognition Tool With Python
— https://realpython.com/face-recognition-with-python/
— https://realpython.com/face-recognition-with-python/
Realpython
Build Your Own Face Recognition Tool With Python – Real Python
In this tutorial, you'll build your own face recognition command-line tool with Python. You'll learn how to use face detection to identify faces in an image and label them using face recognition. With this knowledge, you can create your own face recognition…
Step-by-step guide to implementing a DevSecOps program for any size organization
https://github.com/6mile/DevSecOps-Playbook
https://github.com/6mile/DevSecOps-Playbook
GitHub
GitHub - 6mile/DevSecOps-Playbook: This is a step-by-step guide to implementing a DevSecOps program for any size organization
This is a step-by-step guide to implementing a DevSecOps program for any size organization - 6mile/DevSecOps-Playbook
Microsoft-Extractor-Suite - Powershell tool designed to streamline the process of collecting data and information from various sources
- Unified Audit Log
- Admin Audit Log
- Mailbox Audit Log
- Mailbox Rules
- Transport Rules
- Message Trace Logs
- Azure AD Sign-In Logs
- Azure AD Audit Logs
- Registered OAuth applications in Azure AD
— https://github.com/invictus-ir/Microsoft-Extractor-Suite
- Unified Audit Log
- Admin Audit Log
- Mailbox Audit Log
- Mailbox Rules
- Transport Rules
- Message Trace Logs
- Azure AD Sign-In Logs
- Azure AD Audit Logs
- Registered OAuth applications in Azure AD
— https://github.com/invictus-ir/Microsoft-Extractor-Suite
GitHub
GitHub - invictus-ir/Microsoft-Extractor-Suite: A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident…
A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes. - invictus-ir/Microsoft-Extractor-Suite
ETWHash - small C# tool used during Red Team engagements, that can consume ETW SMB events and extract NetNTLMv2 hashes for cracking offline
— https://labs.nettitude.com/blog/etwhash-he-who-listens-shall-receive/
— https://labs.nettitude.com/blog/etwhash-he-who-listens-shall-receive/
Modern Test-Driven Development in Python
Testing production grade code is hard. Sometimes it can take nearly all of your time during feature development. What's more, even when you have 100% coverage and tests are green, you still may not feel confident that the new feature will work properly in production:
— https://testdriven.io/blog/modern-tdd/
Testing production grade code is hard. Sometimes it can take nearly all of your time during feature development. What's more, even when you have 100% coverage and tests are green, you still may not feel confident that the new feature will work properly in production:
— https://testdriven.io/blog/modern-tdd/
testdriven.io
Modern Test-Driven Development in Python
This guide looks at how to test Python code with pytest, pydantic, and JSON Schema using Test-Driven Development.
A Python Shell with XOR Algorithm – Bypass Windows Defender & AV’s
Written at 9 Jan’23:
— https://mrvar0x.com/2023/01/09/a-python-shell-with-xor-algorithm-bypass-windows-defender-amp-avs/
Written at 9 Jan’23:
— https://mrvar0x.com/2023/01/09/a-python-shell-with-xor-algorithm-bypass-windows-defender-amp-avs/
AndoryuBot – New Botnet Campaign Targets Ruckus Wireless Admin Remote Code Execution Vulnerability (CVE-2023-25717)
https://www.fortinet.com/blog/threat-research/andoryubot-new-botnet-campaign-targets-ruckus-wireless-admin-remote-code-execution-vulnerability-cve-2023-25717
https://www.fortinet.com/blog/threat-research/andoryubot-new-botnet-campaign-targets-ruckus-wireless-admin-remote-code-execution-vulnerability-cve-2023-25717
Fortinet Blog
AndoryuBot – New Botnet Campaign Targets Ruckus Wireless Admin Remote Code Execution Vulnerability (CVE-2023-25717)
FortiGuard Labs details how a unique botnet leverages a Ruckus vulnerability and examines its behavior once inside an infected device. Learn more.…
PostgreSQL Python
step-by-step guide how to work with the PostgreSQL database using the Python programming language..:
— https://www.postgresqltutorial.com/postgresql-python/
step-by-step guide how to work with the PostgreSQL database using the Python programming language..:
— https://www.postgresqltutorial.com/postgresql-python/
Neon
PostgreSQL Python
This PostgreSQL Python section shows how to work with PostgreSQL from Python programming language using the psycopg2 database driver.
Concealed code execution: Techniques and detection
The techniques for concealing code execution became the favorite tool in Advanced Persistent Threat actor's arsenal because of the remarkable stealth benefits they can provide against conventional security mechanisms. Understanding how these techniques operate under the hood and having access to open-source proof-of-concept implementations that reproduce the corresponding behavior greatly helps with detection engineering and aids in incident response investigations
— https://www.huntandhackett.com/blog/concealed-code-execution-techniques-and-detection
The techniques for concealing code execution became the favorite tool in Advanced Persistent Threat actor's arsenal because of the remarkable stealth benefits they can provide against conventional security mechanisms. Understanding how these techniques operate under the hood and having access to open-source proof-of-concept implementations that reproduce the corresponding behavior greatly helps with detection engineering and aids in incident response investigations
— https://www.huntandhackett.com/blog/concealed-code-execution-techniques-and-detection
Huntandhackett
Concealed code execution: Techniques and detection
After months of dedicated research we cover a wide range of concealed code execution techniques and investigate their mechanisms and how to detect them.