At office, we were using only one broadband provider (a costly one). It worked well till it did not. We learned our lesson and subscribed to three different ISPs. This post is how to make sure that your network remains up when one ISP goes down (failover). WAN failover is a network redundancy solution that …
Setting up office router for failover with multiple broadband providers Read More »
This is a short tutorial using Apple’s Endpoint Security Framework in Rust to build security applications. We will build a small observability application that sends a notification to the desktop every time someone SSH’s into a machine that is running the application. But let’s start with the basics of what endpoint security means. 💡 You …
A Short Tutorial: Apple’s Endpoint Security Framework using Rust Read More »
Secret Handshake over Untrusted Network In the digital world, secure communication is paramount, especially when dealing with sensitive information over untrusted networks. Cryptography provides the foundation for safeguarding our data and ensuring confidentiality. This blog covers how various cryptographic methods can be combined to perform a secret handshake over untrusted networks. We will define a …
Before you start reading, click here to clone the project. In the realm of Android app development, prioritizing code correctness and security is essential. While managed languages like Java and Kotlin are well-suited for Android app development, system-level programming often requires languages like C and C++. However, memory safety bugs in C and C++ pose …
Supercharging Your Android App with Rust Native Libraries Read More »
Introduction So you’ve made your shiny new server with all these fancy Endpoints. Now comes the question, How do you tell someone what to access? You could write your own documentation, but that would take far too long, and you would be prone to making errors. A much better solution is to generate the docs …
All steps are to be executed in Administrative powershell/cmd.exe. We use the following color scheme to distinguish host and VM: 🟢 is Host 🔵 is VM. We have used the following tools in this post: WinDbg, VMware, and VirtualKD-Redux. 🟢 Disable Memory Integrity 🟢 Run bcdedit /set hypervisorlaunchtype off 🟢 Install VMware Download Windows and …
What is Phishing? In the computing world, phishing is just like fishing, except that the bait is a fraudulent message, and we are the reeled in fish🐟. Like a fisherman who knows what type of bait to use to reel in a specific fish, an attacker gathers as much information about you as they can …
eBPF is (now!) a cross-platform technology with origins in the Linux Kernel that can run sandboxed programs in a privileged context such as the operating system kernel. It is used to safely and efficiently extend the capabilities of the kernel without requiring to change kernel source code or write drivers with the native kernel APIs. …
Illustration by @Megha. Edited by @Freya Fannie. This document outlines the steps to get a minifilter signed by Microsoft, including registering for the Windows Hardware Dev Center program, purchasing an EV code signing certificate, and using the Windows Hardware Certification Kit (HCK) or Windows Hardware Lab kit (HLK) to run tests and submit a test …
Pledge is like the forbidden fruit we all covet when the boss says we must use things like Linux. Why does it matter? It’s because pledge() actually makes security comprehensible. Linux has never really had a security layer that mere mortals can understand. — [Justine Tunney](https://justine.lol/pledge/). The Linux kernel is a powerful piece of software …
seccomp-pledge: Enforce principle of least privilege in Linux kernel Read More »
