👩💻 Docker Security.
• На сайте hacktricks есть очень объемная Wiki по безопасной настройке Docker. Крайне много информации по Socket, Capabilities, Escape from Containers и т.д. Рекомендую к изучению:
• Basic Docker Engine Security:
➡️Secure Access to Docker Engine;
➡️Security of Container Images;
➡️Image Scanning;
➡️Docker Image Signing.
• Containers Security Features:
➡️Namespaces;
➡️cgroups;
➡️Capabilities;
➡️Seccomp in Docker;
➡️AppArmor in Docker.
#Docker #Security
• На сайте hacktricks есть очень объемная Wiki по безопасной настройке Docker. Крайне много информации по Socket, Capabilities, Escape from Containers и т.д. Рекомендую к изучению:
• Basic Docker Engine Security:
➡️Secure Access to Docker Engine;
➡️Security of Container Images;
➡️Image Scanning;
➡️Docker Image Signing.
• Containers Security Features:
➡️Namespaces;
➡️cgroups;
➡️Capabilities;
➡️Seccomp in Docker;
➡️AppArmor in Docker.
#Docker #Security
HackTricks
HackTricks - HackTricks
HackTricks is a cybersecurity knowledge base with practical pentesting, red team, web, cloud, binary exploitation, and privilege escalation techniques.
Forwarded from UzCERT Live
#Apex #intellekt #pentester #AI
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡1👍1🔥1🤔1
Forwarded from 1N73LL1G3NC3
KslKatz
Combining KslDump and GhostKatz to dump LSASS using no-vulnerability KslD.sys memory read to bypass PPL. Extracts MSV1_0 NT hashes and WDigest cleartext passwords (if enabled) from LSASS using a Microsoft-signed driver.
Combining KslDump and GhostKatz to dump LSASS using no-vulnerability KslD.sys memory read to bypass PPL. Extracts MSV1_0 NT hashes and WDigest cleartext passwords (if enabled) from LSASS using a Microsoft-signed driver.
👍1
Forwarded from Cyber Detective
The OSINT Tools Library is new project from Osint Newsletter and Jake Creps
And this isn’t just a simple collection of tools. Each instrument’s page contains the following sections: what does it do, how to use, cost, data processing, use in reporting.
https://tools.osintnewsletter.com/osint-tools/google-lens
And this isn’t just a simple collection of tools. Each instrument’s page contains the following sections: what does it do, how to use, cost, data processing, use in reporting.
https://tools.osintnewsletter.com/osint-tools/google-lens
Forwarded from Cyber Detective
WindVector
Detailed info on winds and air currents. It features an online map, a 3D model of atmospheric layers, and the ability to view historical data for past dates. It is useful for investigating natural disasters and aviation accidents.
https://windvector.app/
#geoint
Detailed info on winds and air currents. It features an online map, a 3D model of atmospheric layers, and the ability to view historical data for past dates. It is useful for investigating natural disasters and aviation accidents.
https://windvector.app/
#geoint
Forwarded from Turan Security
Kiberxavfsizlik bo'yicha seminar-trening!
O'zbekiston Respublikasi Prezidentining yoshlar bilan uchrashuvida belgilangan vazifalar doirasida Muhammad al-Xorazmiy nomidagi Toshkent axborot texnologiyalari universiteti talabalarining kiberxavfsizlik sohasidagi amaliy bilim va ko‘nikmalarini oshirish maqsadida sohadagi yetakchi kompaniya mutaxassislari bilan seminar-trening tashkil etildi.
Tadbirda kompaniyamiz vakillari ham o‘zlarining amaliy tajribalari va bilimlari bilan o‘rtoqlashdilar.
Akmaljon Sodiqov - Turan Security asoschisi:
📌 CNA nima? Kiberxavfsizlikda o'qib pul ishlash mumkinmi?
Yoldoshali Esonaliyev - Team Lead:
📌 Web ilovalar xavfsizligi.
Abdumutal Abdumutalov - Team Lead:
📌 Android ilovalari xavfsizligida statik tahlil usullari.
Seminar yakunida universitet professor-o‘qituvchilari va xodimlari bilan hamkorlikni yanada kengaytirish bo‘yicha kelishuvga erishildi.
@turansecurity | www.turansec.uz | info@turansec.uz
O'zbekiston Respublikasi Prezidentining yoshlar bilan uchrashuvida belgilangan vazifalar doirasida Muhammad al-Xorazmiy nomidagi Toshkent axborot texnologiyalari universiteti talabalarining kiberxavfsizlik sohasidagi amaliy bilim va ko‘nikmalarini oshirish maqsadida sohadagi yetakchi kompaniya mutaxassislari bilan seminar-trening tashkil etildi.
Tadbirda kompaniyamiz vakillari ham o‘zlarining amaliy tajribalari va bilimlari bilan o‘rtoqlashdilar.
Akmaljon Sodiqov - Turan Security asoschisi:
📌 CNA nima? Kiberxavfsizlikda o'qib pul ishlash mumkinmi?
Yoldoshali Esonaliyev - Team Lead:
📌 Web ilovalar xavfsizligi.
Abdumutal Abdumutalov - Team Lead:
📌 Android ilovalari xavfsizligida statik tahlil usullari.
Seminar yakunida universitet professor-o‘qituvchilari va xodimlari bilan hamkorlikni yanada kengaytirish bo‘yicha kelishuvga erishildi.
@turansecurity | www.turansec.uz | info@turansec.uz
👍3🤝2