Kirakos
Yea, Here is it guys. Find your roommates and have a chit chat. Stack - Svelte Kit - Drizzle ORM with Turso sqlite - ShadCN-Svelte + customized style Link: https://aastu-reut.vercel.app/ Star the repo: https://github.com/henacodes/reut Share with yourβ¦
this is actually fun ngl π if youβre at AASTU, come check it out β big shoutout to kirakos for the ideaππ
@AfroSec
@AfroSec
β‘5β€1π1
Forwarded from Sirack's Universe
This media is not supported in your browser
VIEW IN TELEGRAM
I built my first mcp serve. It helps you iOS device forensics using iOS's sysdiagnose file. You can ask all kinds of interesting questions like
- how many apps were installed ? Past and present
- how many times was this device rebooted?
- find me suspicious apps
- what wifi was this device connected to, etc
- how many apps were installed ? Past and present
- how many times was this device rebooted?
- find me suspicious apps
- what wifi was this device connected to, etc
β‘3π₯2
Forwarded from Sirack's Universe
Boom, finally published! It chronicles (and highly speculative at times :)) how LLMs can help with mobile security. I have disscussed few use cases
1. For code obfuscation
2. For reverse engineering
3. For device forensics
4. For SOC automation & reporting
https://www.sandboxbrief.com/opportunites-mtd-with-ai-agents/
1. For code obfuscation
2. For reverse engineering
3. For device forensics
4. For SOC automation & reporting
https://www.sandboxbrief.com/opportunites-mtd-with-ai-agents/
Sandbox Brief
Opportunities for mobile security with AI & Agents
Large Language Models are transforming mobile security across multiple domains.
π₯4
Forwarded from The Hacker News
π¨ UK just busted two Scattered Spider hackersβ19 & 18βbehind the massive TfL cyberattack.
π₯ One of them, Thalha Jubair, is also charged in the US for 120+ hacks & $115M in ransoms. He could face 95 years.
Full story β https://thehackernews.com/2025/09/uk-arrest-two-teen-scattered-spider.html
π₯ One of them, Thalha Jubair, is also charged in the US for 120+ hacks & $115M in ransoms. He could face 95 years.
Full story β https://thehackernews.com/2025/09/uk-arrest-two-teen-scattered-spider.html
The Hacker News
. He could face 95 year
π±1π»1
π© CTF Update β EthioCyberShield Showdown π©
Big shoutout to our team APT-04 ππ₯
We placed 6th overall on the EthioCyberShield Showdown CTF! π
Proud of the grind we put in β even though I couldnβt make it for the last dayβs Incident Response (IR) challenge, the squad held it down strong. πͺ
This is just the startβ¦Next time, podium finish π€
#APT04 #CTF #CyberSecurity #EthioCyberShield #yekolotemari
@AfroSec
Big shoutout to our team APT-04 ππ₯
We placed 6th overall on the EthioCyberShield Showdown CTF! π
Proud of the grind we put in β even though I couldnβt make it for the last dayβs Incident Response (IR) challenge, the squad held it down strong. πͺ
This is just the startβ¦Next time, podium finish π€
#APT04 #CTF #CyberSecurity #EthioCyberShield #yekolotemari
@AfroSec
β‘4π3
Forwarded from Bug Sphere
πͺπΉ Bug-Sphere Waitlist is Live!
A new hub for Ethiopiaβs hackers, researchers, and security pros.
π Designed for collaboration, fair rewards, and real impact in securing organizations.
π Join the waitlist today and be part of the movement!
π https://bug-sphere.com/waitlist
A new hub for Ethiopiaβs hackers, researchers, and security pros.
Please open Telegram to view this post
VIEW IN TELEGRAM
β‘1
Domain_Fronting.pdf
6.1 MB
Domain fronting is a technique used to hide the true destination of network traffic. It exploits how some protocols, like HTTPS, handle TLS (Transport Layer Security) and HTTP headers, particularly when interacting with content delivery networks (CDNs).
Example:
Firewalls, network monitors, or DPI (Deep Packet Inspection) only see the 'front' domain (the allowed one), while the real destination remains hidden.
Common uses:
I just read this PPT and it offers really good insights. I havenβt finished it yet, but Iβm sure itβs worth reading.
@AfroSec
Example:
SNI: cdn.cloudflare.com (allowed)
HTTP Host header: malicious.example.com (your real server)
Firewalls, network monitors, or DPI (Deep Packet Inspection) only see the 'front' domain (the allowed one), while the real destination remains hidden.
Common uses:
1. Command & Control (C2) communication
2. Data exfiltration
I just read this PPT and it offers really good insights. I havenβt finished it yet, but Iβm sure itβs worth reading.
@AfroSec
β‘3π₯2π1