Edznux

Wrote a blogpost today about getting Lucid fuzzing on a "real" target, all of the work that it took and the changes we made along the way. Next, we'll take a more earnest bug-finding approach and conduct a serious fuzzing campaign with Lucid: h0mbre.github.io/Lucid_Dreams_1/

We released new Pwndbg: github.com/pwndbg/pwndbg/… ! It brings new kernel commands for dumping heap allocator info, display of not taken branches (X marker) in disasm, better disasm for ARM/MIPS/LoongArch64, initial s390x support & more! Sponsor us at github.com/sponsors/pwndbg !

Would you look at that, it's tmp.0ut Volume 4! Happy Friday, hope you enjoy this latest issue! tmpout.sh/4/

@_0xffd @LiveOverflow I first selected the targets by doing some AST traversal to find interesting candidates (in a large code base). Once you have that you are able to use the signature of the function directly and the results were few enough to use an "expensive" model. It was good enough to start

@Edznux @LiveOverflow were u able to do something interesting with the context's semantics or just chop-chop into chunks and hope?

Do you work in security and use LLMs for work?

@LiveOverflow I voted for the basic chat but actually, i've a small script that creates basic fuzz test generation (in Go) based on the context of the codebase!

If you are using scripts, or even custom agent, I would love to hear more about it. Please share what you are doing!

Manually instrumenting Go applications for observability has always been a time-consuming challenge. Solutions based on binary patching and eBPF have attempted to solve this, but they often come with undesirable tradeoffs. That’s why we built Orchestrion … 🧵

Paged Out! Issue #5 is out now! pagedout.institute/?page=issues.p… Happy reading! Please RT and tell your friends! :)

We are now making our validation benchmarks public! We invite you to test your skills or systems against them and share your results with us. Read more in our blog post: xbow.com/blog/benchmark…

After many weeks in development, my series on Zen, CUDA, and Tensor cores is ready to roll out. Up first is a look at the silicon - what does the physical layout of a Zen 4 or Ada Lovelace chip actually look like? computerenhance.com/p/zen-cuda-and…

The time has come, and with it your reading material for the week. Phrack #71 is officially released ONLINE! Let us know what you think! phrack.org/issues/71/1.ht…

finally pushing code updates for the first time in a couple months: github.com/h0mbre/Lucid. a lot of changes since: 1. more syscall sandboxing 2. changes to context switching 3. snapshots 4. code coverage Just let me know if you spot errors. starting companion blogpost now

Time for a new mind-bending project! #QLOCK — A JavaScript Quine Clock aem1k.com/qlock It displays the current time in a seven-segment style, embedded within its own JavaScript source code. 🕔 🕝 🕢 🕤 🕑 🕜 (321 bytes)

PSA for Cybersecurity folk: Our co-workers are tired of being "tricked" by phishing exercises y'all, and it is making them hate us for no benefit. I have many thoughts that won't fit in a (non-bluecheck) tweet, so you can find them here: security.googleblog.com/2024/05/on-fir…

The kids are alright

@julesverne40942 We need to improve our doc around this for sure! In short, kubehound needs to be able to read nodes,pods,roles,clusterroles,rolesbinding,clusterrolebinding to see all the attack paths. It'll "fail" gracefully (as in, say the attack path graph will be incomplete) otherwise

@Edznux Hello, Thank you for your great tool ! i just don't see in documentation a good explanation about RBAC right that kubehound needs to scan cluster ? What are the granurality about that ?

My team just released a Kubernetes attack path tool named KubeHound! Release blog post (with examples) securitylabs.datadoghq.com/articles/kubeh… Website / docs: kubehound.io :D Should be able to handle large k8s env! Feedback welcome!

My Ph.D. thesis is now online theses.fr/2023SORUS546.p…

starting a new fuzzer project on the blog that is based on an old @gamozolabs idea. in the first post, we load a statically built Bochs emulator ELF into our fuzzer process and execute it. there is some code and the humble beginnings of a repo. lets gooo h0mbre.github.io/New_Fuzzer_Pro…

@hassoonycodes readme updated :)

@hassoonycodes hey! I've started a PR for the documentation for this here github.com/DataDog/KubeHo… By using the "gremlinpython" package, you should be able to connect to the db and run that query as part of your python script

@GreyF1r3 @jeffmcjunkin you will have to run it from "somewhere" with read access on pods/nodes/roles/clusterroles! Nothing needs to be deployed alongside your services. If you don't have this kind of access easily for your user, you can (with some config) make a dump of this in a file and import it

@Edznux @jeffmcjunkin Definitely not an expert here but didn’t see in the blog, or missed it, where this would be installed? With a sidecar container security stack?? Thanks in advance.