wifi-security Break into the WiFi Network and Interact with Services In this post, I'll go over how to crack the key of a WEP-encrypted WiFi network and pivot into it to interact with vulnerable services running on it.
wifi-security Creating Honeypot Access Points using Hostapd In order to rejoin the network when a client disconnects, the client sends probe requests. To entice probing clients into the network and carry out additional enumeration, you can use hostapd to establish fake hotspot networks.
wifi-security Preferred Network Lists in Detail As devices store a list of previously used hotspots, the preferred network list in a WiFi client device is an intriguing source of private location information. This post will teach you how to perform reconnaissance using preferred network lists.
docker Why Pivot Root is Used for Containers In this post, you will learn about the differences between only chroot and chroot after pivot_root in detail. You will realise the reason why it is used in containerization.
docker Prevent Privilege Escalation from Container Breakout via UserNS Remapping Hello World! In my previous posts, I have discussed a lot on how a user with certain capabilities can escape the docker container and execute commands on the root of the host. The naive approach to fix this issue could be the combination of the following * Disable capabilities like
docker Basics of Seccomp for Docker Seccomp is a kernel feature that allows you to filter syscalls for a specified process. In this article, you'll learn how to use strict and eBPF modes with your existing Docker configuration.
docker Docker Resource Management in Detail In this post, you will learn about control groups (cgroups) and namespaces required for running containers. Finally, you will create your container without the use of Docker.
docker How does Docker run Containers Under the Hood In this post, I'll show you how docker works behind the scenes and how to spawn containers using containerd and runc as the main runtime. You'll also see how it starts the program from ENTRYPOINT.
docker Breakout from the Seccomp Unconfined Container In this post, you'll discover how to exploit the CAP_SYS_MODULE capability in a privileged exec session to break out of a seccomp unconfined container that was launched with no extra rights or capabilities.
docker Creating your Own Base Image for Docker Have you ever wondered what it's like to create a docker base image that users can import and build on? This tutorial will show you how to make your own Docker base images from scratch in two different approaches.
linux Introduction to Linux for Developers Get an introductory knowledge of what Linux is and of your best friend, the man page. You will also learn about the components that make the GUI possible.
apparmor Mitigating the Damage in the Compromised Webserver using AppArmor In this post, you will get a very (very) detailed tutorial on how to confine the resources for an nginx server and the php-fpm service on a compromised server to allow specific commands via webshell.
apparmor Writing AppArmor Profile from Scratch Get a detailed walkthrough on writing the profile for a custom binary from scratch using AppArmor utilities like aa-genprof and aa-autodep.
access-control Disallowing CAP_NET_RAW Capability for Root User using AppArmor Is root the ultimate user in Linux? You will get the answer to this question in this post by confining cap_net_raw for the ping command using AppArmor.
linux Understanding AppArmor Kernel Enhancement AppArmor is an old, yet powerful security feature introduced in the Linux kernel in the late '90s to control resources for running programs rather than users. It can be used to easily mitigate the damage caused by adversaries. Learn the basics of AppArmor and its components.
linux Attack Defense Privilege Escalation CTF Walkthrough Get a detailed walkthrough of the Linux privilege escalation CTF brought to you by the attackdefence platform.
linux Container Host Breakout – Part 1 Understand how the Docker daemon running on a remote system or a managed service like portainer could be a security risk that should be avoided to prevent takeover of the entire infrastructure.
linux Container Breakout – Part 2 How about injecting the kernel modules and overwriting the files of the host from the "isolated" containers? Learn how to abuse extra capabilities provided to the container and break out of the isolation.
linux Container Breakout – Part 1 Learn advanced techniques like inter-process communication, abusing Linux capabilities and process injection to break out of an isolated docker container.
linux Understanding Container Architecture Docker containers are widely used in the deployment of modern apps. In this post, you will learn the concept of containerizing, the security mechanisms used by the docker community and how to interact with containers via docker.
linux Exploiting Linux Capabilities – Part 6 Learn the basics of process injection and kernel modules. Build your own rootkits to exploit cap_sys_ptrace and cap_sys_module capabilities in the Linux kernel.
linux Exploiting Linux Capabilities – Part 5 Learn the basics of networking and how to perform privileged tasks when you have special network capabilities: cap_net_raw, cap_net_bind_service and cap_net_admin.
linux HTB Knife Walkthrough Get a quick walkthrough of the Knife machine provided by Hack The Box and learn how I owned the machine in less than 10 minutes.
linux Exploiting Linux Capabilities – Part 4 Learn about Linux file capabilities like cap_fowner, cap_setfcap, cap_dac_override and cap_linux_immutable and how to exploit these in order to read privileged files or get the root user shell.
linux Exploiting Linux Capabilities – Part 3 In this post, you will learn how to exploit the capabilities often provided to a sysadmin, for example cap_sys_admin, cap_sys_time, cap_kill and cap_chown.