Tag: security
All the articles & tech notes with the tag "security".
Articles
-
A deep-dive into the failed attempts to force egress via physical NICs using IP aliasing and policy routing, and the subsequent pivot to loopback capture and raw string extraction.
-
Statically analyze and programmatically modify compiled .class files without decompilation. Covers a practical example of changing a bytecode equality operator to alter program behavior, along with additional capabilities like method injection and code insertion.
-
Dynamically load and execute compiled Java classes from byte array using a custom ClassLoader, without writing physical class files to disk. Highlights use cases like license validation, encrypted class delivery, and secure remote code execution.
-
Use Java's SignedObject with DSA public-key cryptography to digitally sign serialized Java objects before network transfer. The signed objects are verified at the receiving end ensuring data integrity and authenticity without relying on shared secrets.
-
A Java HTTP proxy server using socket-based request-response forwarding with configurable port binding, timeout handling, and continuous listening loop architecture.
-
Recovering encrypted database passwords from WebLogic server configuration files.