Seclog - #65

We can change our lives. We can do, have, and be exactly what we wish. — Tony Robbins

📚 SecMisc

  • Timelock Encryption: Send a secret into the future - Encrypt messages to be opened only after a set period. Read More

  • findsecuritycontacts.com - top sites - Find security contacts for top websites. Read More

  • ZafiyetAI | Yapay Zeka Güvenlik Atlası | Anasayfa - AI security insights and research in Turkish. Read More

📰 SecLinks

  • Tool of First Resort: Israel-Hamas War in Cyber - Dynamics of cyber warfare between Israel and Hamas. Read More

  • Manipulating LLMs – How to confuse ChatGPT – Compass Security Blog - Techniques to challenge and confuse ChatGPT. Read More

  • I figured out how DMARC works, and it almost broke me | Simon Andrews - Deep dive into setting up SPF, DKIM, DMARC for email security. Read More

  • Product security: barking up the wrong tree - Critical perspective on current product security practices. Read More

  • Insecurity and Python pickles [LWN.net] - Security vulnerabilities in Python's pickle module. Read More

  • 2024 OSSRA Report - Insights from the Open Source Security and Risk Analysis Report. Read More

  • Reverse engineering a car key fob signal (Part 1) · 0x44.cc - Process and techniques of reverse engineering car key fob signals. Read More

  • How to find the AWS Account ID of any S3 Bucket - Identifying the AWS Account ID for any S3 bucket. Read More

  • Hiding in plain sight: Introducing WebTunnel | The Tor Project - Evading censorship with WebTunnel by the Tor Project. Read More

  • Devin, the first AI software engineer - Discussing the development and capabilities of Devin, an AI software engineer. Read More

  • Remote code execution in a billion-dollar publicly traded company · tedmdelacruz - Analysis of a remote code execution vulnerability. Read More

  • Picus-The-Complete-Active-Directory-Security-Handbook.v1 - Guide to securing Active Directory environments. Read More

  • What a Cluster: Local Volumes Vulnerability in Kubernetes | Akamai - Command injection vulnerability in Kubernetes. Read More

  • HackerOne | Report #2040756 - Vulnerability in Pentest Opportunity status alteration. Read More

  • Salt Labs research finds security flaws within ChatGPT Ecosystem (Remediated) Security flaws in the ChatGPT ecosystem. Read More

  • How I Exposed Instagram's Private Posts by Blocking Users · Cyber Security & Software Development - Exploiting a vulnerability on Instagram. Read More

  • Building an AITM attack tool in Cloudflare Workers (174 LOC) – Zolder B.V. - Building an attack tool using Cloudflare Workers. Read More

  • Security.txt in the wild – Gonçalo Valério - Analysis of the adoption and implementation of security.txt. Read More

🐦 SecTweet

  • Joseph Cox on X - New from 404 Media: Issue with safe lock manufacturers having backdoor codes. View Tweet

🎥 SecVideo

  • Fuzz Everything, Everywhere, All at Once - media.ccc.de - Insights into the applications of fuzzing in security. Watch Here

  • eBPF: Unlocking the Kernel [OFFICIAL DOCUMENTARY] - YouTube - Exploring eBPF technology in the Linux kernel. Watch Here

💻 SecGit

  • WRFan/jailbreak10.3.3 - Downgrading, jailbreaking, and setting up iOS 10.3.3 on an iPhone 5s. Explore on GitHub

  • anasfik/flutter-spy - Analyze and extract data from reverse-engineered Flutter apps. Explore on GitHub

  • gchq/CyberChef - A web app for encryption, encoding, compression, and data analysis. Explore on GitHub

  • BishopFox/llm-testing-findings - Templates for testing large language models (LLMs). Explore on GitHub

  • h4x0r-dz/CVE-2024-21762 - An out-of-bounds write vulnerability in Fortinet FortiOS. Explore on GitHub

  • piaolin/DetectDee - A tool to find social media accounts by username, email, or phone. Explore on GitHub

  • c2links/NoWhere2Hide - A project related to online privacy and security. Explore on GitHub


I've now added all your links to the template. If you need any further adjustments, please let me know!