Stable Diffusion on an AMD Ryzen 5 5600G
Published:
Executing the Stable Diffusion text-to-image model on an AMD Ryzen 5 5600G integrated GPU (iGPU).
Extract the schema from a remote LDAP server
Published:
How to extract the schema from a remote LDAP server and use it on a OpenLDAP instance.
Impact of the different Wifi security modes
Published:
Comparing the different Wifi/WPA authentication and key distribution methods (PSK, EAP, SEA).
Browser-based attacks on WebDriver implementations
Published:
Some context and analysis about attacks on in WebDriver implementations.
Lack of X.509 TLS certificate validation in OWASP ZAP
Published:
Lack of X.509 TLS certificate validation in OWASP ZAP (Zed Attack Proxy) could be used for man-in-the-middle attacks.
DNS rebinding on ReadyMedia/minidlna v1.3.0 and below
Published:
A DNS rebinding vulnerability I found in ReadyMedia (formerly MiniDLNA) v1.3.0 and below. This is CVE-2022-26505.
Introduction to TLS v1.3
Published:
Some notes about how TLS v1.3 works. This is a follow-up of the previous episode about TLS v1.2. As before, the goal is to have a high-level overview about how the protocol works, what is the role of the different messages and be able to understand (and debug) a network traffic dump.
CSRF and DNS-rebinding to RCE in Selenium Server (Grid)
Published:
Vulnerabilities in found on the WebDriver endpoints of Selenium Server (Grid).
DNS rebinding vulnerability to RCE in GeckoDriver
Published:
A DNS rebinding vulnerability I found in GeckoDriver which could be used to execute arbitrary shell commands. This is bug #1652612 and CVE-2021-4138.
Introduction to TLS v1.2
Published:
Some notes about how TLS v1.2 (Transport Layer Security) works. The goal explain what is going on in a network traffic dump, the role of the different TLS extensions, the impact of the different cipher suites on security, etc. It includes several diagrams and many references.
Page 4 of 11 | Previous page | Next page | JSON Feed | Atom Feed