HackerTrans
TopNewTrendsCommentsPastAskShowJobs

leonjza

no profile record

Submissions

Pipetap: A Windows Named Pipe Multi-Tool / Proxy

github.com
10 points·by leonjza·7 bulan yang lalu·0 comments

Modern Self-Service Platform

flowctl.net
1 points·by leonjza·7 bulan yang lalu·0 comments

Gowitness – a CLI screenshot utility that uses Chrome headless

github.com
1 points·by leonjza·2 tahun yang lalu·1 comments

Show HN: Port-jump – Some security by obscurity using port-jumping

github.com
1 points·by leonjza·2 tahun yang lalu·0 comments

Show HN: Gowitness – a Golang, web screenshot utility using Chrome Headless

github.com
3 points·by leonjza·4 tahun yang lalu·0 comments

Italian mafia boss caught after Google Maps sighting in Spain

bbc.com
5 points·by leonjza·5 tahun yang lalu·0 comments

comments

leonjza
·2 tahun yang lalu·discuss
I have fond memories of parsing random things to pipe to gource as a younger me. The code is ancient, but here [0] was an experiment to get something like nmap (and other data) ready to feed to gource. Fun to watch indeed!

[0] https://github.com/leonjza/py2gource
leonjza
·2 tahun yang lalu·discuss
Curious about this statement. Can you link to any reading I can do to learn more?
leonjza
·2 tahun yang lalu·discuss
v3 just released with plenty of new features, optimizations and more! https://github.com/sensepost/gowitness/releases/tag/3.0.0
leonjza
·2 tahun yang lalu·discuss
Creation is done by running migrations [1] (invoked via Laravel's artisan command line). Using the database is done via Models[2].

[1] https://github.com/firefly-iii/firefly-iii/tree/main/databas... [2] https://github.com/firefly-iii/firefly-iii/tree/main/app/Mod...
leonjza
·3 tahun yang lalu·discuss
This is fun! I was curious about pulling something like this off in Golang, and wipped together a dirty PoC using Traefik's yaegi here [0]

[0] https://gist.github.com/leonjza/9d53b30a6b85ff837a27170a185a...
leonjza
·4 tahun yang lalu·discuss
Happy to see the kernel init parameters fix land! For context, I used firecracker (very successfully) in a CTF, driven via a Discord bot.

One of the challenges I tried to build was one where a player would get access to the kernel commandline with the goal being that they should hack their way around the environment to get access to an encrypted disk. Unfortunately, that was when I get the now fixed bug[1].

[1] https://github.com/firecracker-microvm/firecracker/issues/27...
leonjza
·5 tahun yang lalu·discuss
I really enjoyed the debugging process here, and am glad to have learnt about the -k flag which seems to only be available on systems with strace version 5.5, at least for me.

As for the patch (and my love for all things Frida [1]), I think a call to Intercerptor.replace() after locating the symbol with Module.getExportByName() [2] would make for a simpler patch (at the cost of installing Frida). For example:

  const sym = Module.getExportByName("lime.ndll", "SDL_SemWait");
  Interceptor.replace(sym, {
    onEnter: function() {},
    onLeave: function() {}
  });
[1] https://frida.re/

[2] https://frida.re/docs/javascript-api/#module