RT @0gtweet: Phrack #71 Linenoise - "Master of Puppets - turning AV sandboxes into a botnet". What I can say. Honored and proud. Enjoy! h….

Phrack 71 is out, including my article on using instruction patching, syscall remoting, and in-memory implants:

RT @sha1lan: Why exploits prefer memory corruption. Thanks to @halvarflake and @chompie1337!.

I’m overjoyed to have an article of mine published in phrack after reading its back catalog for so long. Wish I could be at defcon to pick up a copy. Many thanks to the phrack staff for publishing it and to the early reviewer (you know who you are) who pushed me to improve it.

RT @phrack: o/ We are excited to announce that we are bringing some professionally printed copies of Phrack 71 to give out at @defcon! We w….

RT @__femb0t: Gough - Starry Night, PCB version

RT @dystopiabreaker:

RT @firstdrafthell: What a fucking Rube Goldberg machine modern web development is. I cannot say this enough; this should not be the normal.

RT @Jiminy_Kirket: When the team lets the Engineering Manager submit a PR.

RT @swagitda_: ok this is hilarious but also where has this been all my life: it’s a tool for weighting the varieg….

RT @swagitda_: in the spirit of transparency, here’s what @rpetrich & I wrote in response to @CISAgov’s RFI on Secure by Design: https://t.….

RT @swagitda_: this Valentine’s / Galentine’s / Palentine’s Day, want the secret to everlasting love?. my secret is writing a book about my….

My holiday present to myself is open sourcing my sandboxing tool, Callander. It uses some over the top binary analysis to apply beastly (and accurate) seccomp profiles that block shellcode and other common attack behavior. The announcement post covers how:

RT @swagitda_: Thank you to the lovely mortals who attended my Wasm Day talk — “A Love Letter to Isolation” at @CloudNativeFdn KubeCon 🖤. T….

RT @swagitda_: This Thinky Thinky Thursday, I'm publishing my response w/ @rpetrich to @ONCD’s RFI on Open-Source Software Security: https:….

RT @swagitda_: @rpetrich woah ok so the implication of using Callander is that the attacker can't execute shellcode. now we're into the….

RT @swagitda_: tomorrowww (Thursday) at 13:30 ET / 17:30 GMT catch me live on the @AllDayDevOps virtual stage and ask me all your Qs about….

After many years, I’m back on the public speaking circuit. I’ll be presenting at All Day DevOps tomorrow (Thursday) on system calls, sandboxing, and program analysis. Join me at 15:30 ET for an adventure into the depths of Linux. It’s virtual and free.

RT @swagitda_: new post: the SUX Rule for safer code it’s short for Sandbox-free - Unsafe - eXogenous, based on Ch….

RT @swagitda_: People stormed out of the Black Hat talk I gave w/ @nicolefv in 2019 on applying DevOps practices to infosec. I gave the sa….