Root code execution on FiberGateway GR241AG through public wifi network r0ny.net/FiberGateway-G… #infosec #embedded

Cross-Platform GitHub Action to run workflows on FreeBSD, OpenBSD and NetBSD with x86_64 / arm64 architectures - Very useful to build/test your code on OS != Linux #Programming #DevOps #BSD github.com/cross-platform…

After an inspiring Day 1 at OffensiveX, we are ready to start Day 2! Today brings even more high-level talks, expert insights, and real-world hacking challenges. The action continues with top-tier speakers, a thrilling CTF competition, and plenty of opportunities to connect with

Shaping the minds of future hackers Offensive X 2025

💾 OpenBSD kernel internals improvement: Massive socket locking overhaul: ✅ Unix domain sockets: lock-free paths ✅ UDP sockets: rwlock → iterator ✅ Raw sockets: pushed down to sosend() ✅ AF_ROUTE: new locking scheme Multicore networking performance 📈 #OpenBSD

Kicking off this month’s live challenge is none other than TroyLynx a sharp mind in the cybersecurity scene, ready to dive into Lissafta, a vulnerable Node.js Express app with a dangerous eval() flaw.

undust is a simple utility that helps uncover archived, backup, and temporary files left behind on web servers. Given a URL, it generates the most common archive, temp and backup file name variants -> github.com/t3l3machus/und…

🚀 Why [[ ]] is superior to [ ] in #ksh: # Pattern matching works! [[ $file = *.log ]] # No word splitting [[ $var = "value with spaces" ]] # Logical operators [[ -f $file && -r $file ]] # Regex-like comparisons [[ $string < "zzz" ]] Safer and more powerful! #OpenBSD

🧮 #ksh arithmetic expressions (( )) vs external tools: # Built-in math (faster!) (( result = 10 * 5 + 3 )) (( counter++ )) # Comparisons (( $load > 80 )) && alert_high_load # Different bases echo $(( 16#FF )) # hex to decimal = 255 #OpenBSD

not many people know this, but you can also glide down to a value

🚀 Netcat secret weapon: nc -c -v -T noverify badssl.com 443 Built-in TLS testing in nc! No more openssl s_client needed for quick tests. OpenBSD makes everything simpler 💪 #OpenBSD

🔍 Hidden #OpenBSD debugging gem: ps -o pid,procflags,command Shows process flags in HEX revealing: ✅ PS_TRACED (being debugged) ✅ PS_CHROOT (chrooted) ✅ PS_PLEDGE (pledged) ✅ PS_SYSTEM (kernel process) Decode with /usr/include/sys/proc.h Deep process forensics! 🕵️ #OpenBSD

💡 Quick tip! Identified a template injection? And function calling is not possible? 🧐 Try to use native template engine features to bypass the restriction! Example! 👇

My job is still safe

new post! How Docker Works Internally pwnfunction.com/$/docker-inter…

This looks nicely written: ifixit.com/News/112008/po…

leave it to the eu regulators to make everything worse for the greater good!!!

i'd read this sygnia.co/blog/fire-ant-…

It's important to remember that "technology influencers" can be bad role models. Many encourage people to be "fans of technology" instead of actual developers of technology. Hot takes are easy, writing good code is not.

Friendly reminder that order of operations makes a difference... more so than you think ;)