Aggregator

The 2021 TLS Telemetry Report

F5 Labs
3 years 2 months ago
Creating an encrypted HTTPS website depends on a lot more than simply throwing a digital certificate at it and hoping for the best. In fact, Transport Layer Security (TLS) and HTTPS misconfigurations are now so commonplace that in the 2021 OWASP Top 10, Cryptographic Failures now comes in second place....

Offensive BPF: Understanding and using bpf_probe_write_user

Embrace The Red
3 years 2 months ago
This post is part of a series about Offensive BPF to learn how BPFs use will impact offensive security, malware, and detection engineering. Click the “ebpf” tag to see all relevant posts. Building advanced BPF programs So far in this Offensive BPF series the focus was on bpftrace to build and run BPF programs. The next thing I wanted to investigate is what options are available to modify data structures during BPF execution.

Scoop the Windows 10 pool! 翻译 & 复现

天玄安全实验室
3 years 2 months ago
堆溢出是应用程序中相当常见的漏洞。利用这些漏洞通常需要对堆的底层管理机制非常了解。Windows10最近改变了内核中堆的管理方式,本文旨在介绍Windows NT内核堆管理机制的最新发展,同时介绍对内核池的新的利用技术

What Microsoft Bing?s IndexNow Means for CDN Users

The Akamai Blog
3 years 2 months ago
Microsoft Bing today announced the rollout of IndexNow, a new protocol designed in conjunction with Yandex that can allow ?websites to easily notify search engines whenever their website content is created, updated, or deleted.? The goal is to reduce the amount of time it takes for search engines to discover and index website changes ? a process often measured in days and even weeks ? to mitigate traffic loss and the potential adverse effects on customers and even revenues.
Jon Alexander

Yar 源码阅读笔记:开篇

她和她的猫
3 years 2 months ago
前言 本文是 Yar 源码系列的第一篇文章,主要介绍 Yar 以及服务端、客户端的基本使用,详细的源码分析会放在后续的文章中。 为什么要研究 Yar? 我从 8 月初开始阅读 《P

六年后的北京之旅

落水轩
3 years 2 months ago
我爱这精彩的世界 交织着太多的悲喜 我爱这精彩的电影 如梦幻如空花 我那总沉默的朋友 你让我感觉到力量 曾在我心中的伤痛 如过眼的云烟

Managed ad