-
Vulnerable eBPF CTF Challenge 01
A CTF style vulnerable box where you need to find and exploit a mistake in an eBPF program that allows privilege escalation to root.
-
Interactivity is the halting problem in a trench coat.
Or: please, please, stop piping
curl
intobash
in prod. -
Stop saying eBPF when you mean cBPF.
TL;DR: Let’s detect malware that uses BPF the right way. eBPF has become a hot topic, which leads to some hype whenever BPF is found in malware. The thing is, BPF malware is nothing new and most malware is using cBPF, not eBPF. Conflating cBPF with eBPF is harmful to defenders, who really need to understand the difference between the two when writing detections.
-
Never Stop Reading: Crashing the HaikuOS Port of Cave Story
TL;DR: Cave Story for HaikuOS go SEGV.
-
whoami, who am I? Thoughts on protecting digital and human identities.
TL;DR: What is identity security, why we often do it wrong, and how we can get it right.