DETECT – Detecting IOCs on Kubernetes for fun and profit

https://github.com/falcosecurity/falco https://github.com/falcosecurity/falcosidekick https://falco.org/blog/extend-falco-outputs-with-falcosidekick/ Executive summary: Falco and SideKick are open source tools which act as sensors to monitor for indicators of compromise on your Kubernetes platform. The tools are officially part of the Cloud Native Computing Foundation (CNCF). If you're looking for a low-cost yet effective way to put sensors on your Kubernetes environment, then …

OFFSEC – Writing Buffer Overflows and Reverse Engineering compiled binaries

https://www.exploit-db.com/docs/47032 This tutorial started as a simple attempt to take notes and follow my curiosity on how C programming, Assembly and Buffer Overflows work. Don’t take anything here as gospel because the content was written by a high-school drop-out without any formal computer science background. If you find something wildly wrong then let me know. From …

PROTECT – Why & How to build Client-Side Encryption in React.Js and beyond

What we're building: client-side encrypted content with React.js and SJCL.js. Problem space: Gmail, Facebook, Instagram, Dropbox... you name it... they typically store your data "unencrypted" or with limited encryption where they control the keys. This means all your emails, pictures, messages and files are sitting on someone else's computer for them to see. …

OFFSEC – Writing Node.js malware that steals your cloud access keys

Disclaimer: This article is meant to educate developers and security practitioners of the current and present dangers of Node.js development. Ethically, I cannot make the majority of my code publicly available on GitHub. However, I will show a few snippets and concepts for security awareness. If you are a past or present security colleague, please …

NETSEC – You’re leaking to public Cloud APIs and all you can do is …

Welcome to the public cloud/s. Long gone are the days where traditional Email DLP, URL proxy filtering and L3 firewalls help you mitigate data loss to malicious websites. Maybe you have a developer who wants to use some benign and non-threatening Google API to read non-sensitive data. Seems okay, right? Well, I wouldn't …