Tortures computers for fun and profit. Interested in network security monitoring, machine learning, Golang and Rust. Shellscript ninja. Will debug for food.
Published my Bachelor Thesis: "Implementation and evaluation of secure and scalable anomaly-based network intrusion detection"
along with my network traffic analysis framework: https://t.co/pZBtGFuGIR #golang#IDS#NSM#DeepLearning#ML
TIL that macOS has a security feature called XProtect, which scans any new binaries you execute
But it also means it slows down edit-compile-run workflows with excessive checking
And the daemon is single threaded, so concurrent binary executions are blocked
good lord
I'm glad everyone has discovered memory safe languages after several decades. Now can we start looking at secure package management or are we just going to import memory safe rando libs from ninja876 on Github forever?
My dystopian vision of an AI-powered future is that LLMs drives down the cost of generating long text even further, and the only way for readers to keep up is to use LLMs to summarize.
Bellingcat and investigative partners @derspiegel and @the_ins_ru have discovered a hitherto secretive group of engineers involved in Russian missile strikes on Ukraine.
These strikes have killed hundreds and left millions without heating or power https://t.co/vF8zQPmW2d
You can force any v8/Electron process to execute arbitrary js code (child_process, http, etc) by forcefully enabling and abusing the builtin debug mechanism ... here's VS Code executing Calc, but I suspect any Electron app is susceptible 🔥 it works with SIP enabled on macOS
Do you know you can set up a custom Transform server in #Maltego? The #DittoTRX Transform developed by @dreadcode can be used to investigate #IDNHomographAttack and imposter domain on various websites. Learn how to set it up here: https://t.co/niqYfSCjBE
The Trojan Source vulnerability allows supply-chain attacks on software written in C, C++, Go, Java, Javascript, Python and Rust. We're releasing details after a 99-day coordinated disclosure period, and some of these compilers will be patched quickly. See https://t.co/tO4xIU5Ncw
Wow, just realized C is turning 50 next year. Not sure how to tell students that we're learning about security problems caused by a language that's half a century old.