https://linzeyan.github.io/categories/security/Recent content in Security on RickyHugo -- gohugo.ioenSat, 03 May 2025 11:24:00 +0800https://linzeyan.github.io/posts/2025/20250503-zipbomb-protection/Sat, 03 May 2025 11:24:00 +0800https://linzeyan.github.io/posts/2025/20250503-zipbomb-protection/<ul> <li> <p><a href="https://idiallo.com/blog/zipbomb-protection" target="_blank" rel="noopener">I use Zip Bombs to Protect my Server</a></p> </li> <li> <p>What happens is, they receive the file, read the header that instructs them that it is a compressed file. So they try to decompress the 1MB file to find whatever content they are looking for. But the file expands, and expands, and expands, until they run out of memory and their server crashes. The 1MB file decompresses into a 1GB. This is more than enough to break most bots. However, for those pesky scripts that won&rsquo;t stop, I serve them the 10MB file. This one decompresses into 10GB and instantly kills the script.</p>https://linzeyan.github.io/posts/2024/20241113-objective-see/Wed, 13 Nov 2024 09:44:00 +0800https://linzeyan.github.io/posts/2024/20241113-objective-see/<ul> <li><a href="https://t.me/misakatech/1349" target="_blank" rel="noopener">Objective-See: An Open Source Project Org for Apple Privacy and Security</a></li> </ul> <p>While searching for small tools today, I found they have built a bunch of open-source software for macOS, mostly related to privacy and security.</p> <ul> <li> <p><a href="https://objective-see.org/products/knockknock.html" target="_blank" rel="noopener">KnockKnock</a>: See what background processes, daemons, launch items, kernel extensions, login items, browser plugins, and more are on your Mac. Much more detailed than &ldquo;Login Items&rdquo; (some software auto-starts in other ways).</p> </li> <li> <p><a href="https://objective-see.org/products/lulu.html" target="_blank" rel="noopener">LuLu</a>: An open-source macOS network firewall that lets you control each application&rsquo;s network connections in detail (similar to Hands Off!).</p>https://linzeyan.github.io/posts/2024/20240913-golang/Fri, 13 Sep 2024 09:41:00 +0800https://linzeyan.github.io/posts/2024/20240913-golang/<ul> <li><a href="https://v2ex.com/t/1072079" target="_blank" rel="noopener">Be Alert: Supply Chain Attacks Are Closer Than You Think</a></li> </ul> <ul> <li><code>github.com/siruspen/logrus</code> false</li> <li><code>github.com/sirupsen/logrus</code> true</li> </ul>https://linzeyan.github.io/posts/2023/20231004-container/Wed, 04 Oct 2023 09:06:00 +0800https://linzeyan.github.io/posts/2023/20231004-container/<ul> <li><a href="https://securitylabs.datadoghq.com/articles/container-security-fundamentals-part-1/" target="_blank" rel="noopener">Container security fundamentals: Exploring containers as processes</a></li> <li><a href="https://securitylabs.datadoghq.com/articles/container-security-fundamentals-part-2/" target="_blank" rel="noopener">Container security fundamentals part 2: Isolation &amp; namespaces</a></li> <li><a href="https://securitylabs.datadoghq.com/articles/container-security-fundamentals-part-3/" target="_blank" rel="noopener">Container security fundamentals part 3: Capabilities</a></li> <li><a href="https://securitylabs.datadoghq.com/articles/container-security-fundamentals-part-4/" target="_blank" rel="noopener">Container security fundamentals part 4: Cgroups</a></li> <li><a href="https://securitylabs.datadoghq.com/articles/container-security-fundamentals-part-5/" target="_blank" rel="noopener">Container security fundamentals part 5: AppArmor and SELinux</a></li> <li><a href="https://securitylabs.datadoghq.com/articles/container-security-fundamentals-part-6/" target="_blank" rel="noopener">Container security fundamentals part 6: seccomp </a></li> </ul>https://linzeyan.github.io/posts/2020/20201208-2536/Tue, 08 Dec 2020 21:50:47 +0800https://linzeyan.github.io/posts/2020/20201208-2536/<ul> <li><a href="https://ithelp.ithome.com.tw/users/20114110/ironman/2536" target="_blank" rel="noopener">An introduction to hacker tools: the tip of the iceberg</a> <ul> <li><a href="https://ithelp.ithome.com.tw/articles/10214839" target="_blank" rel="noopener">[Hacker Tools Day10] Web security testing - Burp Suite</a></li> <li><a href="https://ithelp.ithome.com.tw/articles/10215002" target="_blank" rel="noopener">[Hacker Tools Day11] Website path traversal - DirBuster</a></li> <li><a href="https://ithelp.ithome.com.tw/articles/10215072" target="_blank" rel="noopener">[Hacker Tools Day12] Password brute force - Hydra</a></li> <li><a href="https://ithelp.ithome.com.tw/articles/10215234" target="_blank" rel="noopener">[Hacker Tools Day13] Password wordlist generator - crunch</a></li> <li><a href="https://ithelp.ithome.com.tw/articles/10216722" target="_blank" rel="noopener">[Hacker Tools Day16] Penetration tool - Metasploit</a></li> <li><a href="https://ithelp.ithome.com.tw/articles/10217688" target="_blank" rel="noopener">[Hacker Tools Day18] Windows password extraction tool - mimikatz</a></li> <li><a href="https://ithelp.ithome.com.tw/articles/10221189" target="_blank" rel="noopener">[Hacker Tools Day25] CTF exploit Python library - pwntools</a></li> </ul> </li> </ul>