Dumping memory on Linux system can be cumbersome especially that the behavior might be different among different GNU/Linux distribution or Linux kernel version. In the early days, the easiest was to dump the memory from the memory device (/dev/mem) but over time the access was more and more restricted in order to avoid malicious process to directly access the kernel memory directly. The kernel option CONFIG_STRICT_DEVMEM was introduced in kernel version 2.6 and upper (2.6.36–2.6.39, 3.0–3.8, 3.8+HEAD). So you'll need to use a Linux kernel module in order to acquire memory.
Alexandre Dulaunoy adulau
👨💻
adulau
/ DumpLinuxMemory.md
Created
March 5, 2013 22:03
Acquiring memory from a running Linux system (notes)
adulau
/ Mythos smythos! How to find 0day with lesser models.md
Created
May 8, 2026 14:56
Mythos smythos! How to find 0day with lesser models
- Channel: Risky Business Media
- Title: Mythos smythos! How to find 0day with lesser models
- Date: May 8, 2026
[00:00:03] hey everyone I'm James Wilson and welcome to this risky business features interview with Neil's Provos neils is someone who
List of services which are giving access to Tor network and especially Tor hidden services
via web interface. We keep track of potential injection or abuse from such service (the column Scam).
| Url | Status | Domain | Log | Techno | Scam |
|---|---|---|---|---|---|
| https://onion.re/ | DOWN | onion.re | full | custom | no |
adulau
/ gist:ab250a9945da4f6558be48a7b99ac427
Created
March 22, 2026 09:13
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-02-23T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The TFTP implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x, 1.6.0, and 1.6.1 allows remote attackers to obtain sensitive information via a GET request, aka Bug ID CSCte43876."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-03-31T09:00:00.000Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "1025112", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1025112"}, {"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Endpoint Devices", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e152.shtml"} |
adulau
/ http2-rapid-reset-ddos-attack.md
Last active
March 15, 2026 20:08
HTTP/2 Rapid Reset DDoS Attack
This Gist aims to centralise the most relevant public sources of information related to the HTTP/2 Rapid Reset vulnerability. This vulnerability has been disclosed jointly by Google, Amazon AWS, and Cloudflare on 10 October 2023 at 12:00 UTC.
Please help us make this page as comprehensive as possible by contributing relevant references, vendor advisories and statements, mitigations, etc.
- CVE-2023-44487, CIRCL CVE Search
- How AWS protects customers from DDoS events, AWS
- (1) https://mobile.twitter.com/James_inthe_box/status/1234502259414749184
- (2) https://mobile.twitter.com/DynamicAnalysis/status/1234998504453361666
- (3) https://mobile.twitter.com/unpacker/status/1170677293926080512
- (4) https://marcoramilli.com/2019/12/05/apt28-attacks-evolution/
- (5) (CTI) https://www.clearskysec.com/wp-content/uploads/2020/02/ClearSky-Fox-Kitten-Campaign-v1.pdf
- (6) https://mobile.twitter.com/Vishnyak0v/status/1197129423830626318
adulau
/ cve_v5-1.json
Created
August 18, 2025 09:36
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001 in CVEv5 format
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "dataType": "CVE_RECORD", | |
| "dataVersion": "5.1", | |
| "cveMetadata": { | |
| "vulnId": "", | |
| "cveId": "CVE-2025-8452", | |
| "vulnId": "GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001", | |
| "assignerOrgId": "00000000-0000-4000-9000-000000000000", | |
| "assignerShortName": "AHA", | |
| "vulnerabilitylookup_history": null, |
adulau
/ alt-to-gnupg.md
Last active
August 7, 2025 16:20
Alternative to GnuPG/OpenPGP - including encryption at rest, file and backup
- https://github.com/wbl/cpgb CPGB is the Curve Privacy Guard B, a secure replacement for GPG using ECC. (Status: Dead? last-update:2011)
- https://github.com/carlos8f/salty Alternative public key encryption using NaCl. (Status: Dead? last-update: 2016)
- https://github.com/TotalTechGeek/DiscreteCrypt This tool is an alternative to software like PGP, with a focus on Discrete Log Cryptography. The algorithm is currently in v2.2.5. (Status: Active)
- https://saltpack.org/ a modern crypto messaging format (Status: Active)
- https://github.com/stealth/opmsg opmsg is a replacement for gpg which can encrypt/sign/verify your mails or create/verify detached signatures of local files. (Status: Active)
adulau
/ yinyang-in-latex.md
Last active
June 25, 2025 07:12
Yinyang in tikz (LaTeX) because Saad and Emilien are annoying and Unicode is crap
NewerOlder