Breaking eBPF Security: How Kernel Rootkits Blind Observability Tools
Deep technical analysis of bypassing eBPF-based security solutions through kernel-level hooks targeting BPF iterators, ringbuffers, and perf events
Feb 14, 202616 min read1.1K
Command Palette
Search for a command to run...
#security
Articles tagged with #security
Bypassing noexec and executing arbitrary binaries
TL;DR: Execute a binary on a Linux system when execution is not allowed (e.g. restricted PHP environment, read-only filesystem or noexec mount flag). By using only Bash and making syscall(2)’s from Bash (!) and piping the ELF binary straight from the...
Oct 10, 20247 min read7.9K
Starting a User Mode Linux/Debian-OS as an unprivileged Linux User
After reading this article you will be able to start a Debian-Linux (including Kernel) from any (unprivileged) Linux shell. User Mode Linux (UML) is a modified Linux Kernel that the user starts just like any other Linux program. The UML-Kernel then "...
Sep 28, 20233 min read1.4K
Starting a VM as an unprivileged Linux User
How to run Docker-in-VM-in-Docker on Segfault's Servers
Sep 24, 20233 min read1.2K
WireGuard into a private LAN via CloudFlare Tunnels
TL;DR: The era of only filtering ingress traffic has come to an end. Differentiating between legitimate and non-legitimate egress traffic is challenging when the attacker uses Cloudflare, Google-drive or AWS. Introduction In this article, you will le...
Aug 10, 20235 min read25K
Free Linux Cloud Root Shells
A short selection of Cloud-based Linux Root Shells and their resource limits. Overview: | MEMORY | STORAGE | CPU | comment ------------------+--------+---------+-----+--------- Github Codespace | 32GB | 8GB | 4 | 20Gpbs Git...
Jul 8, 20231 min read5.0K