Looking good a good tutorial on debugging with ghidra. I want to set breakpoints, change flow, and modify memory values. Is that possible?

A brilliant write up of the Gladinet Triofox vulnerability by @rapid7 https://t.co/ODO6OFTzLe?

Happy birthday to @nez_ze_nerd , one of our co-flounders and top bet welsher. May the hendos and dripping run free for you this weekend.

Just released a video on running CeWL through Docker. https://t.co/EQepwoD7gc Enjoy

Does anyone know how to get hold of AWS setup support by UK phone? I've tried to setup a new account but can't get past the phone number verification step. My support ticket has been ignored for three days so I want to find another way to talk to them.

Does anyone know if it is possible to use the aws cli without credentials? I want to see if I can access things without authentication as well as with.

1995: Mudge published "How to Write Buffer Overflows", one of the first papers about buffer overflow exploitation. Afterwards, Mudge sent a copy to Aleph One, who later wrote "Smashing the Stack For Fun and Profit" in 1996. Seminal security paper to seminal security paper.

I've got some spare time, what cloud certs are worth me looking at considering I've little specific AWS/GCP/Azure knowledge but know a lot of the theory. I want things that will help on client engagements but doubt I could go directly to something like AWS Security Speciality

This is the best description of how fibre optic networks work I've ever seen. Thanks @FryRsquared https://t.co/ey9jcO1zoK

Tool makers: if you're going to do a web interface and it's usually used by a single person, please let there be an option to only bind it to 127.0.0.1 and make it authenticationless. Bloodhound and Nessus I'm looking at you here.

Spent the morning playing with mssql in docker and getting it working with php. Would anyone be interested to see DVWA use mssql as a backend for the SQLi exercises? It can already do sqlite in case you didn't already know.

Turns out, if you delete the ~/.config directory on a running machine, a lot of things break. (It was a symlink to an old home directory I thought I'd copied everything from so deleted it, don't know why I did a symlink rather than a copy)

I've got some time to make videos, is there anything tool or technique related you would like to see?

Can anyone point me at a good example of a multi-arch docker image that is built through GitHub actions? The image description has gone missing since it was changed to multi-arch and I want to find another repo who has it working so I can see what fix is needed.

Another DVWA bit of fun, this time a patch to fix the low level stored XSS vulnerability by madinasaimova. Your insecurity is important to us and so we will report this to the insecurity team investigate.

An interesting film, definitely worth a watch. Make sure you stay till just after the first bit of credits end.

It's Friday, work is quiet, so I'm off to see Tron. Anyone else watching it today?

The online safety act is not safe is it....

New video, Decrypting TLS traffic in Wireshark. How to extract TLS keys from Burp, ZAP, and curl and then import them into Wireshark to see the raw traffic. https://t.co/t23ZhseC9v

Thank you to Frederik from Leakscanner for finding a vulnerability in DVWA and submitting it to the bug bounty. Please accept all the thanks and recognition you deserve.