| https://twitter.com/postmodern_mod3 | |
| GitHub | https://github.com/postmodern |
| Blog | https://postmodern.github.io |
| Ruby Toots | https://ruby.social/@postmodern |
| Ronin | https://ronin-rb.dev |
Wow, you got to be kidding me. Neo4j, the go-to graph database solution, only supports importing CSV, TSV, Parquet, XLS, JSON, XML, and RDF/OWL. Why do all of these other graph file formats even exist?
There are a dozen different graph file formats, such as GraphML, SIF, GDF, GML, GEXF, or XGMML, but what other software besides Gephi supports importing these formats? I'm curious what else one can do with these file formats besides visualize them in Gephi?
Can anyone recommend me blog posts or talks on setting up your own fuzzing cluster? I'm curious whether fuzzing aficionados still use regular processes on bare metal for performance, or have they embraced containers and Kubernetes (or Docker Swarm, or Rancher, or Nomad)? I suspect containers must add some degree of latency, but make deploying new test harnesses much easier. Also, is it cheaper to setup your cluster "in the cloud", or host your own fuzzing cluster on your own hardware?
Regarding the latest privacy drama about Discord, what privacy focused chat/forum platform are Open Source Security projects using or moving to?
How do you create a custom Fedora 43 Lab LiveCD? I was looking at the kickstart file for the Fedora Security Lab LiveCD and tried building it locally. The livecd-creator command complained that it needed the fedora-live-base.ks file included by fedora-livecd-security.ks. Most of the instructions online claim this file is available from the spin-kickstarts package (which no longer exists in Fedora 43) or the fedora-kickstarts git repo (which now only contains a message saying it's been replaced with a different build system). I can find older mirrored copies on GitHub, but I'm looking for the official supported way of building a custom Fedora LiveCD.
PSA: Did you know that itโs **unsafe** to put code diffs into your commit messages?
Like https://github.com/i3/i3/pull/6564 for example
Such diffs will be applied by patch(1) (also git-am(1)) as part of the code change!
This is how a sleep(1) made it into i3 4.25-2 in Debian unstable.
What ticketing system do Red Teamers generally perfer? How about for knowledge management?
What are people's favorite JavaScript packer/minifier/compiler?
Good lord Windows C programming is terrible.
In UNIX to convert an error code into text one does:
Michael Stapelberg ๐ง๐น๐บstrerror(errno);
but in Windows...
char buffer[256];
buffer[0] = '\0'; // for some reason
FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, 0, GetLastError(), 0, buffer, sizeof(buffer), 0);
The more I research how certain popular security CLI utilities work/behave, the more amazed I am at how much kruft and bad UX (or CLI-X?) infosec practioners put up with. We need to stop fetishising janky and clunky CLI utilities. Learning and mastering them does not make your a better hacker, they are just slowing you down with bad UX, confusing option names/behavior, and poor documentation. Better things are possible.