dolphino's Avatar

dolphino

@dolphinow

IT Security

20
Followers 82
Following 1
Posts 20.11.2024
Joined
Posts Following

Latest posts by dolphino @dolphinow

Preview
GitHub - airbus-cert/volatility-kerberos: Volatility plugin to deal with windows kerberos security provider, list, carve and dump Tickets Volatility plugin to deal with windows kerberos security provider, list, carve and dump Tickets - airbus-cert/volatility-kerberos

Kerberos plugin for @volatilityfoundation.org allows you to list and extract tickets from memory dump. Another way to track user activity by checking services tickets !

github.com/airbus-cert/...

21.01.2026 14:00 πŸ‘ 2 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
Analyzing the unsafe chroot behavior of sudo CVE-2025-32463 | Sky Blueteam A story of a bee, a sandwich and a crab

🐝 New blog post at skyblue.team/posts/unsafe...

At Airbus CERT, we worked on the sudo CVE-2025-32463 to create detection and hunting rules.
Based on the underlying vulnerability, we developed an eBPF based tool to monitor unsafe chroot behavior regarding NSS reloading.

github.com/airbus-cert/...

04.11.2025 15:30 πŸ‘ 1 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
GitHub - airbus-cert/indx-rs: $I30 INDX Carver $I30 INDX Carver. Contribute to airbus-cert/indx-rs development by creating an account on GitHub.

We just released an $I30 INDX carver written in Rust! πŸ¦€ πŸš€

github.com/airbus-cert/...

25.06.2025 11:43 πŸ‘ 3 πŸ” 3 πŸ’¬ 0 πŸ“Œ 1
Preview
Details on Omnivore shutting down I wanted to share additional info about Omnivore’s shutdown, and ways to use your Omnivore data going forward.

Bye Omnivore 😭
blog.omnivore.app/p/details-on...

26.11.2024 15:34 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0