Analyze various information about the website from an URL. IP, WHOIS, TLS, Cookie, etc. Similar to VirusTotal scan.

Detailed scan report for URL: domain/IP info, http transactions, links, javascript behavior analysis, etc.

VirusTotal has this public tool that shows detailed information about IP address/domain: historical Whois lookup and certificate log. Similar to crt.sh.

A security search engine like https://shodan.io. Search open services on an IP, whois, protocol signature, etc.

Two attacks to make send traffic outside protected VPN tunnel.

1. exploit VPN's LAN direct access mechanism by spoofing fake IP for target.com
2. spoof the IP for VPN server

I reckon these methods should only affect unencrypted traffic or TLS without proper CN checks. Interestingly, this technique is used by some VPN software in China as an alternative way to selectively route traffic to VPN (to circumvent internet censorship). https://dreamacro.github.io/clash/configuration/dns.html#fake-ip

An linux sandboxing tool with pledge() syntax by Justine Tunney, author of "actually portable executable" and "redbean".

Alternative to apparmor (kernel module) or bubblewrap (cgroup/namespace).

I was piqued by this, so I went on read Ken Thompson's original article. I am amazed by it. It's a quite surprising application of quine. Don't worry, it doesn't give me a feeling of existential crisis as I still have faith on the beloved fellow compiler workers.

Read about it in https://dl.acm.org/doi/10.1145/358198.358210 .

No need to trust self-signed certificate to intercept tls traffic, if we have the secret keys.

An interesting made up story about supply chain attack on npm and javascript community.

Do you know it's possible to open a shell with 'apt' command? Do you know you can upload a file just by calling 'tar'?

This website curates list of Unix binaries that can be used to bypass local security restrictions.

cyber security search engine

This article desmonstrated some fancy usage of systemd, including the followings:

• Filesystem sandboxing
• Dynamic users
• Socket
• LoadCredential

This article describes the security implication of using jwt token for authorization in order to save a db lookup.

• Logout doesn't log out if the token is still accessible
• Server-side cannot force block a user
• etc.

This article explained what may break with Firefox first-party isolation option on (privacy.firstparty.isolate) and potential solutions.

It explained why some of my extensions fail to log in.

<blockquote>csrutil disable</blockquote>

trade security for performance

Check if your IP is exposing any ports. If you see 404 page, nothing is exposed