ace
@vexvec.bsky.social
Security Researcher. Love finding bugs, exploiting stuff and breaking AI security measures.
Pastebin search tips
1. Search by keywords in archive org collection search web.archive.org/collection-sea… (last update 2023)
2. Search fresh pastes links in index.commoncrawl.org
3. Search in Pastebin and dozens other paste sites with this Google CSE:
cybdetective.com/pastebin.html
1. Search by keywords in archive org collection search web.archive.org/collection-sea… (last update 2023)
2. Search fresh pastes links in index.commoncrawl.org
3. Search in Pastebin and dozens other paste sites with this Google CSE:
cybdetective.com/pastebin.html
https://web.archive.org/collection-sea…
January 28, 2025 at 11:21 AM
Pastebin search tips
1. Search by keywords in archive org collection search web.archive.org/collection-sea… (last update 2023)
2. Search fresh pastes links in index.commoncrawl.org
3. Search in Pastebin and dozens other paste sites with this Google CSE:
cybdetective.com/pastebin.html
1. Search by keywords in archive org collection search web.archive.org/collection-sea… (last update 2023)
2. Search fresh pastes links in index.commoncrawl.org
3. Search in Pastebin and dozens other paste sites with this Google CSE:
cybdetective.com/pastebin.html
January 14, 2025 at 11:25 PM
Hmm, ChatGPT's system prompt looks a bit weird compared to Grok's 🤔.
#infosec #ai #llm #informationdisclosure
#infosec #ai #llm #informationdisclosure
January 12, 2025 at 4:53 PM
Hmm, ChatGPT's system prompt looks a bit weird compared to Grok's 🤔.
#infosec #ai #llm #informationdisclosure
#infosec #ai #llm #informationdisclosure
Lol, what's that? Grok happily outputs it's system prompt if you change your account location to some specific locations.
Ok...
Ok...
January 8, 2025 at 2:15 PM
Lol, what's that? Grok happily outputs it's system prompt if you change your account location to some specific locations.
Ok...
Ok...
🐳 #Docker #ContainerBreakout #PrivilegeEscalation
2. Escaping a privileged Container
To escape a privileged container is pretty easy because you have access to the devices under /dev, i.e. you can mount the disk inside the container and access the host filesystem.
2. Escaping a privileged Container
To escape a privileged container is pretty easy because you have access to the devices under /dev, i.e. you can mount the disk inside the container and access the host filesystem.
January 2, 2025 at 12:28 PM
🐳 #Docker #ContainerBreakout #PrivilegeEscalation
2. Escaping a privileged Container
To escape a privileged container is pretty easy because you have access to the devices under /dev, i.e. you can mount the disk inside the container and access the host filesystem.
2. Escaping a privileged Container
To escape a privileged container is pretty easy because you have access to the devices under /dev, i.e. you can mount the disk inside the container and access the host filesystem.
🐳 #Docker #ContainerBreakout:
1. Mounted Docker socket:
If you find a mounted Docker socket inside a container it can usually be exploited to takeover the host.
This is because docker itself does not have access control and access to the socket allows to perform any action.
1. Mounted Docker socket:
If you find a mounted Docker socket inside a container it can usually be exploited to takeover the host.
This is because docker itself does not have access control and access to the socket allows to perform any action.
December 27, 2024 at 11:23 AM
🐳 #Docker #ContainerBreakout:
1. Mounted Docker socket:
If you find a mounted Docker socket inside a container it can usually be exploited to takeover the host.
This is because docker itself does not have access control and access to the socket allows to perform any action.
1. Mounted Docker socket:
If you find a mounted Docker socket inside a container it can usually be exploited to takeover the host.
This is because docker itself does not have access control and access to the socket allows to perform any action.
Did you know there are currently 7 known ways to break out of a 🐳 #Docker #container?
I will explain them to you in a Docker escape series.
#PrivilegeEscalation #ContainerBreakout
#DockerBreakout
I will explain them to you in a Docker escape series.
#PrivilegeEscalation #ContainerBreakout
#DockerBreakout
December 27, 2024 at 11:06 AM
Did you know there are currently 7 known ways to break out of a 🐳 #Docker #container?
I will explain them to you in a Docker escape series.
#PrivilegeEscalation #ContainerBreakout
#DockerBreakout
I will explain them to you in a Docker escape series.
#PrivilegeEscalation #ContainerBreakout
#DockerBreakout
😂 Security best practice if your password appears in a word list. Make a PR to remove it and let everyone know that it's your password.
December 27, 2024 at 9:48 AM
😂 Security best practice if your password appears in a word list. Make a PR to remove it and let everyone know that it's your password.
How to receive a file on a 🐧 #Linux host where you have no curl available?
You can leverage Linux's raw TCP network socket.
Host the file on a public accessible IP with:
nc -lvp 999 < /path/file
And receive it on the client with:
cat < /dev/net//999 > /tmp/out
You can leverage Linux's raw TCP network socket.
Host the file on a public accessible IP with:
nc -lvp 999 < /path/file
And receive it on the client with:
cat < /dev/net/
December 27, 2024 at 9:34 AM
How to receive a file on a 🐧 #Linux host where you have no curl available?
You can leverage Linux's raw TCP network socket.
Host the file on a public accessible IP with:
nc -lvp 999 < /path/file
And receive it on the client with:
cat < /dev/net//999 > /tmp/out
You can leverage Linux's raw TCP network socket.
Host the file on a public accessible IP with:
nc -lvp 999 < /path/file
And receive it on the client with:
cat < /dev/net/
How to find n-day vulnerabilities in Google Chrome V8 engine?
Checkout Alisa's video from VXCON www.youtube.com/live/b9Ohamk...
Checkout Alisa's video from VXCON www.youtube.com/live/b9Ohamk...
YouTube
Share your videos with friends, family, and the world
www.youtube.com
November 23, 2024 at 12:29 PM
How to find n-day vulnerabilities in Google Chrome V8 engine?
Checkout Alisa's video from VXCON www.youtube.com/live/b9Ohamk...
Checkout Alisa's video from VXCON www.youtube.com/live/b9Ohamk...
Interesting video and research by Alisa Esage about Fuzzing.
www.youtube.com/live/9U-FK_Q...
Slides: zerodayengineering.com/research/sli...
www.youtube.com/live/9U-FK_Q...
Slides: zerodayengineering.com/research/sli...
YouTube
Share your videos with friends, family, and the world
www.youtube.com
November 16, 2024 at 4:12 PM
Interesting video and research by Alisa Esage about Fuzzing.
www.youtube.com/live/9U-FK_Q...
Slides: zerodayengineering.com/research/sli...
www.youtube.com/live/9U-FK_Q...
Slides: zerodayengineering.com/research/sli...
I'm really impressed by the possibilities that bluesky provides. It lets me setup everything how I like it, even content moderation settings in a very detailed way. This is pretty cool.
November 16, 2024 at 12:10 AM
I'm really impressed by the possibilities that bluesky provides. It lets me setup everything how I like it, even content moderation settings in a very detailed way. This is pretty cool.
Man, where are all the skilled Security Researchers?
November 15, 2024 at 11:39 PM
Man, where are all the skilled Security Researchers?