eternalyperplxed

@eternalyperplxed@infosec.exchange
301 Followers
353 Following
23 Posts

Blue teamer dabbling in devops. Star Trek > Star Wars.

Strong believer in Hanlon's Razor https://en.wikipedia.org/wiki/Hanlon%27s_razor

Security/devops engineer and architect at a startup. Wearer of many hats.

https://european-alternatives.eu/categories

Website: https://www.securityducttape.com
Disclaimer: Every time I get an unsolicited sales email from a vendor wanting to do an introductory call, and that vendor is already used by my employer, that vendor owes me $20

Me Before: "Oh neat, this program needs an update, they probably fixed some bugs and added new features!"

Me Now: "Oh fuck, this program needs an update. They probably put more ads in and moved features behind a paywall."

Given Iran's internet shutdown, is it feasible or even possible for the US gov't to shut down its domestic internet access, given A) that private companies provide the service and B) a significant portion of global internet data runs through or is hosted from the US?

Can someone explain why a service would need to do full TLS decryption/inspection just to allow for decisioning on the SNI field? (Assuming no encrypted SNI is present)

#aws #infosec #frustration

Is there a better way to start the day than having meetings cancelled?

SpaceX is building a company town. How far off is this from becoming a form of company scrip?

https://gizmodo.com/amazon-and-walmart-may-issue-their-own-company-crypto-2000615826

https://en.wikipedia.org/wiki/Company_scrip

Amazon and Walmart May Issue Their Own Company-Crypto

The Genius Act would likely need to pass first.

When there are reports of "President X holds phone call with Prime Minister Y", are they actually on a phone, or is everything video based now?

Remember the good ol' days when we could just blame Level3?

#gcp #cloudflare

I finally wrapped up a project that had been on my mind for over a year.

Introducing RBAC ATLAS - 🔗 https://rbac-atlas.github.io

RBAC ATLAS is a curated database of identities and the Role-Based Access Control (RBAC) policies tied to them in popular Kubernetes open-source projects. Each entry includes security annotations that highlight granted permissions, potential risks, and possible abuse scenarios (inspired by classics like GTFOBins and LOLBAS).

Why does RBAC matter?

RBAC is the last line of defense in Kubernetes security. If a workload gets compromised and an identity is stolen, a misconfigured or overly permissive RBAC policy (often seen with Operators) can let an attacker move laterally through the cluster — potentially leading to a full takeover. Alongside RBAC ATLAS, I’ve also been working on a tool called RBAC Scope — a static analyzer that checks RBAC policies against 100+ rules to flag risks and abuse scenarios. It’s built to be flexible and open for contributions, so the community can create their own rules. I’ll be releasing that project soon as well!

In the meantime, if you're curious to learn more — or want to invite me to speak at your conference — feel free to reach out. I’ll be talking about these tools at the Red Team Village during DEFCON 33.
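As an added example that is not part of this post nor code from the RBAC ATLAS or RBAC Scope projects, here is a small stdlib-only Python checker in the spirit of RBAC Scope: it runs a handful of constructed risky-permission patterns over the rules of a ClusterRole and flags the overly permissive grants (Secrets read, pod exec, self-granted bindings) that let a stolen Operator identity move laterally. The pattern list and the sample ClusterRole are constructed for illustration.

```python
"""Flag risky Kubernetes RBAC rules in a ClusterRole (added example, stdlib only)."""

# Constructed risky patterns, most severe first: (apiGroups, resources, verbs, reason).
# A "*" in any rule field matches everything in that field.
RISKY_PATTERNS = [
    ({"*"}, {"*"}, {"*"}, "cluster-admin equivalent (wildcard on every field)"),
    ({""}, {"secrets"}, {"get", "list", "watch"}, "can read Secrets (credential theft)"),
    ({""}, {"pods/exec"}, {"create"}, "can exec into pods (code execution in workloads)"),
    ({"rbac.authorization.k8s.io"}, {"clusterrolebindings", "rolebindings"},
     {"create", "patch", "update"}, "can grant new bindings (privilege escalation)"),
    ({"rbac.authorization.k8s.io"}, {"clusterroles", "roles"}, {"escalate", "bind"},
     "escalate/bind verbs bypass the RBAC escalation check"),
    ({""}, {"serviceaccounts/token"}, {"create"}, "can mint tokens for other identities"),
]

def _matches(granted, wanted):
    """A rule field matches if it grants a wildcard or any of the wanted values."""
    granted = set(granted or [])
    return "*" in granted or bool(granted & wanted)

def analyze_rules(rules):
    """Return (reason, rule) pairs; each rule reports its first (most severe) hit."""
    findings = []
    for rule in rules:
        for groups, resources, verbs, reason in RISKY_PATTERNS:
            if (_matches(rule.get("apiGroups"), groups)
                    and _matches(rule.get("resources"), resources)
                    and _matches(rule.get("verbs"), verbs)):
                findings.append((reason, rule))
                break
    return findings

def audit(cluster_role):
    """Convenience wrapper: just the reasons for a whole ClusterRole object."""
    return [reason for reason, _ in analyze_rules(cluster_role.get("rules", []))]

# Constructed sample ClusterRole modelled on a typical Operator; not from any real project.
SAMPLE_CLUSTER_ROLE = {
    "apiVersion": "rbac.authorization.k8s.io/v1",
    "kind": "ClusterRole",
    "metadata": {"name": "example-operator"},
    "rules": [
        {"apiGroups": ["apps"], "resources": ["deployments"], "verbs": ["get", "list", "watch", "update"]},
        {"apiGroups": [""], "resources": ["secrets"], "verbs": ["*"]},
        {"apiGroups": [""], "resources": ["pods/exec"], "verbs": ["create"]},
        {"apiGroups": ["rbac.authorization.k8s.io"], "resources": ["clusterrolebindings"], "verbs": ["create"]},
        {"apiGroups": [""], "resources": ["configmaps"], "verbs": ["get", "list"]},
    ],
}

if __name__ == "__main__":
    for reason, rule in analyze_rules(SAMPLE_CLUSTER_ROLE["rules"]):
        print(f"[RISK] {reason}: {rule}")
```

The deployments and configmaps rules pass cleanly; the Secrets wildcard, pod exec and clusterrolebinding grants are the three findings a reviewer would want annotated.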

Damnit. @eff just dropped new merch, and I want it.