Winamp released its source code with a license that drew a lot of attention. That’s when other apps’ code was found inside.

Recently I was doing an assessment in a locked down and restricted environment. One of the first actions you tend to do when landing a shell on a [linux] box is to do some reconnaissance. This is both on host and network, as you want to determine what new access this host has given you. Normally you would run netstat, ifconfig, ip route etc to determine if the compromised host is connected to any other hosts and to determine if there are other network segments you do not know about.

How We Lost Communication to Entertainment par Ploum - Lionel Dricot.

CISA says the U.S. government has extended MITRE's funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures (CVE) program.

Pocket Flow: Codebase to Tutorial. Contribute to The-Pocket/PocketFlow-Tutorial-Codebase-Knowledge development by creating an account on GitHub.

I’ve written a fair amount of code in my IT career and released a good number of Windows programs also, so a good tool to create Windows installer packages was always key. Each program would have a different set of needs, such as scripts, DLLs, security settings, etc., so one tool that could handle a

Select, put and delete data from JSON, TOML, YAML, XML and CSV files with a single tool. Supports conversion between formats and can be used as a Go package. - TomWright/dasel

Learn about the problem of sensitive info getting published on version control systems and discover multiple ways to monitor GitHub for secrets.

🎥 Step inside the surreal world of The Goodies, where chaos became genius and three madmen turned television upside down. Discover the wild stunts, secret d...

Get up and running with large language models.

Anthropic installed an AI-powered vending machine in the WSJ office. The LLM, named Claudius, was responsible for autonomously p

Despite Kubernetes' own declarative API, and the obvious benefits of maintaining a cluster's infrastructure and services from the same infrastructure as code repository, Terraform is far from the first choice to provision Kubernetes resources. Kubestack, the open-source Terraform framework I maintain, aims to provide the best developer experience for teams working with Terraform and Kubernetes.

Brendan Gregg's homepage: I use this site to share various things, mostly my work with computers, specifically, computer performance analysis and methodology.

Contribute to privastead/privastead development by creating an account on GitHub.

Production visibility and security for your web applications and APIs

The traditional wisdom says resting meat keeps it juicy. But when we put that idea to the test, we found a different reason to rest—one that has nothing to do with juice.

When you request a certificate from Let’s Encrypt, our servers validate that you control the hostnames in that certificate using ACME challenges. For subscribers who need wildcard certificates or who prefer not to expose infrastructure to the public Internet, the DNS-01 challenge type has long been the only choice. DNS-01 works well. It is widely supported and battle-tested, but it comes with operational costs: DNS propagation delays, recurring DNS updates at renewal time, and automation that often requires distributing DNS credentials throughout your infrastructure.

All the benefits of plugins with none of the downsides.

Blue Team playbooks are essential—but tools like Wazuh take them to the next level. From credential dumping to web shells and brute-force attacks, see how Wazuh strengthens real-time detection and automated response.