pirx

Aug 13, 2022

wtfis: Passive FQDN and Domain Lookup Tool

I wrote a nifty Python commandline tool for looking up FQDNs and domains using various OSINT sources. It’s definitely useful to me, but I hope it is also useful to security researchers, incident responders and the like. Check out the project page here: GitHub - pirxthepilot/wtfis: Passive host and domain name lookup tool for non-robots. wtfis is a commandline tool that gathers information about a… (github.com)

Infosec

2 min read


Jul 4, 2022

Least Privilege Role for Your AWS Static Site

Let’s say you’ve deployed a static site on your AWS account using CloudFront and S3, such as described in Automated Static Site Deployment in AWS Using Terraform. When it comes time to update its content or tweak some settings, using an all-powerful AWS admin account is bad security practice (not…

AWS

2 min read


Jun 20, 2022

Update to Log4shell Detection With Falco

In a prior post I described how to detect potential Log4shell (CVE-2021-44228) exploitation by looking for patterns in a Java process’ write() or sendto() buffer in LDAP and RMI connections. One limitation of this is that it matches on text in the buffer. The good news is that as…

Threat Detection

3 min read


Jun 7, 2022

PwnKit Privilege Escalation Detection

This article describes one way to detect PwnKit (CVE-2021-4034), a privilege escalation vulnerability in polkit’s pkexec utility. As with the previous post, we are using Falco for detection and Sysdig for analysis.

Resources: Qualys report; PoC by berdav; PoC by ly4k.

Premise: Based on the Qualys report, this exploit depends…

Threat Detection

3 min read


May 20, 2022

Syscall-Based Log4Shell Detection on Linux

This is a write-up about detecting exploitation of the Log4Shell vulnerability (CVE-2021-44228) in Log4j by monitoring specific syscalls using Falco. This post also describes the analysis I employed to arrive at my conclusions. Note that this is not meant to be an end-all detection for Log4Shell but instead one…

Threat Detection

9 min read


May 2, 2022

Automated Static Site Deployment in AWS Using Terraform

This is a quick and reusable way to deploy an AWS-hosted environment for static sites generated by the likes of Hugo and Jekyll. The code is written in Terraform, which allows us to set up (and tear down, if needed) all the necessary components just by running a few commands. …

AWS

7 min read


Security engineer when not distracted by other things
