Tuesday, April 9, 2024

Knowledge vs Information

One way to conceptualize the difference between knowledge and information is this: knowledge involves some metric of computational difficulty to arrive at, while mere information lacks this property.

Read more: Knowledge vs Information
Posted at No comments:

Tuesday, November 7, 2023

DMARC

Lately I've overheard some people discussing email spoofing with regard to organizations that don't implement DMARC. Namely, "APTs" taking advantage of organizations that don't utilize Domain-based Message Authentication, Reporting and Conformance.

Read more: DMARC
Posted at No comments:

Monday, October 9, 2023

Enumerating TLS Certificates with jq and Bash

Doubling back to share some more notes about web application security adjacent stuff. This is a bash script for reconnaissance that uses some tooling from Project Discovery - mapcidr and tlsx - in combination with jq and Bash, to enumerate TLS certificates.

Read more: Enumerating TLS Certificates with jq and Bash
Posted at No comments:

Friday, September 15, 2023

Using Bash to Sort IPs by Subnet Uniqueness

This is a helpful Bash script to parse IP addresses by the uniqueness of their subnets. This can be quite helpful in various scenarios.

Read more: Using Bash to Sort IPs by Subnet Uniqueness
Posted at No comments:

Thursday, September 14, 2023

Binary, IPv4, and Subnets

The IPv4 protocol which we broadly (but not totally) use today rests on an addressing system that was designed in the 1970s and formally published in 1980.

Read more: Binary, IPv4, and Subnets
Posted at No comments:

Tuesday, September 5, 2023

The Etymology of 'Deadline'

The word 'deadline' has a popular etymology story around 19th century prison culture. The explanation of the meaning behind the word 'deadline' often goes something like this — as many etymologists and US dictionaries frequently cite it:

Read more: The Etymology of 'Deadline'
Posted at No comments:

Sunday, September 3, 2023

Using Csharp to Enumerate Processes

In previous posts, I covered how to observe process information in Windbg by starting a debugging session and dumping the Proccess Environment Block.

Read more: Using Csharp to Enumerate Processes
Posted at No comments:

Saturday, September 2, 2023

Walking the EPROCESS Structure with Windbg

In a previous blog post, I covered how when a process is loaded, it is assigned a Process Environment Block (PEB) and Thread Environment Block. But this is only part of the story, and part of a larger picture.

Read more: Walking the EPROCESS Structure with Windbg
Posted at No comments:

Friday, September 1, 2023

Tradeoffs of PInvoke and Marshaling

Today I learned that PInvoke and marshaling have more tradeoffs than I naively considered. In terms of performance engineering, PInvoke and marshaling can be disadvantageous.

Read more: Tradeoffs of PInvoke and Marshaling
Posted at No comments:

Tuesday, August 29, 2023

Life of a Windows Process

In a previous post, I covered a bit about how Windows Processes are initialized. But how does process creation work in Windows? Let's explore a bit further into Windows processes.

Read more: Life of a Windows Process
Posted at No comments:
Subscribe to: Posts (Atom)