Daniel Sagi

Who do you think bombed Al-Ahli Baptist Hospital in Gaza?

Do you debug your code using MessageBox() ? Well... Microsoft does it as well. If you add DelayStart=1 to the HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\TouchKeyboard, tabtip.exe delays its start indeed 😂

Key takeaways from the new video published on Palestinian channels showing the moments that preceded the death of journalist Shireen Abu Akleh: 1. Palestinian militants were at the scene, heard firing rapid bursts (0:12, 0:23, 0:30, 0:38). The #IDF, and especially its... (1/3)

This is Eagle Eye. It's a tool used to find people's social media accounts. You feed it the name of the person and an image of them. It does a reverse lookup on the image, uses facial recognition, then tries to find any Instagram, Facebook, or Twitter profiles of that person.

There was just a rocket impact in Ramat Gan - close to the Austrian Embassy. Luckily we‘re all safe. This has to stop immediately !

@kvlly Work from home on open source, cloud native, security stuff. DM me for details

💥VMware fixed an Unauth RCE in vCenter (CVE-2021-21972) found by our researcher Mikhail Klyuchnikov. CVSS: 9.8 🔥 Advisory: vmware.com/security/advis…

@PwnFunction @honoki @IanColdwater :)

@honoki @IanColdwater If you are willing to read some code - github.com/aquasecurity/k…

@pst418 @lizrice Another could argue that they already issued a cve for MITM that requires CAP_NET_RAW. *One year* after my disclosure. Maybe because they can actually easily fix that by changing one sysctl parameter. blog.alcide.io/new-kubernetes…

@lizrice @danielsagi15 One could argue, K8s services are a direct responsibility, while CAP_NET_RAW is inherited from the container runtime or kernel and therefore only an indirect responsibility.

Kubernetes security team are not working-as-designed..

@saronyitbarek Being a luthier and building classical/acoustic guitars for sure

Do you see yourself having a career after tech? If so, what would it be?

@d_pacak Lol

TIL that a pod is a social group of whales

CVE-2020-12418 - Mozilla Firefox URL mPath Information Disclosure Vulnerability All details in the advisory : talosintelligence.com/vulnerability_… or just take a glance at this picture:

Windows 10 changed the way console applications (I/O) work. Now every console has a child process called "conhost.exe (Console Window Host)": devblogs.microsoft.com/commandline/wi… Your fuzzing process will likely be slower if your harness is developed as a console application.

NTLM Relaying to RPC on a DC is neat, but adding yourself as as a DA is lame. Instead, be a cool cat and give yourself dcsync rights: dsacls DC=testlab,DC=local /G "testlab.local\myUser:CA;Replicating Directory Changes" "testlab.local\myUser:CA;Replicating Directory Changes All"

I’ve made a new python lib that send raw HTTP requests using requests, now you will be able to send non RFC compliant requests to test web servers and you will get for free the connection handling, session handling, redirects, retries and more 😊 pypi.org/project/reques…

I discovered QNAP pre-auth root RCE affecting ~450K devices on the Internet link.medium.com/BFxvQFGcB6