Finch v0.1.0 is live! ✨
excited to open-source another pet project: a fingerprint-aware TLS reverse proxy. use Finch to collect client fingerprints and act on them: block, reroute, tarpit, or deceive in real time!
go break it & report bugs! github.com/0x4D31/finch
haha 🤷♂️ give oai o3 and o3-pro a try if you haven’t. at least they can reason better than half the people i’ve worked with.
Using Timesketch for timeline analysis? We recently added a new feature: LLM summaries of up to 500 events in view. Example below uses Gemini Flash, but you can just as easily use a local Ollama model. Setup guide: timesketch.org/guides/user/...
Investigating an "evil" RJ45 dongle: lcamtuf.substack.com/p/investigat...
dig @.lmctfy -p 5353 -y hmac-sha256:mykey:SGVsbG8h "whats-the-meaning-of-life" TXT
spent an afternoon over the holidays on a mini project, but it’s so silly i’m not sure it’s worth sharing. who else, besides me, would use `dig` and `ssh` to interact with an llm?
🤪 llm over dns—maybe to brainstorm with chatgpt during a long flight without paying for inflight internet!?
My latest work has been published:
"CTU Hornet 65 Niner: A network dataset of geographically distributed low-interaction honeypots"
The dataset has a unique value for studying the nature of Internet attacks over time and their changes and characteristics.
www.sciencedirect.com/science/arti...
I'm watching some folks reverse engineer the xz backdoor, sharing some *preliminary* analysis with permission.
The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().
It's RCE, not auth bypass, and gated/unreplayable.
hello @bsky.app!
i hate the app icon and splash screen.
