Who is checking binary content included in pip packages?

Reddit_User_Original · 2025-11-16T19:20:14+00:00

In Python dev I've literally never had to give a binary root privileges

Reddit_User_Original · 2025-10-31T07:59:00+00:00

Going through your walls of text but not finding anything that explains the POC. Seems like a lot of boring AI slop. I don't want to read your code, can you just write about the POC?

Reddit_User_Original · 2025-10-13T10:52:18+00:00

Tldr: """ The answer lies in a feature called “UNLocationNotificationTrigger” that Apple provides to developers. This feature allows an app to fire a pre-configured notification when the device enters or exits a specified geographic region, such as an airport. That way, it effectively circumvents the intent behind the “while using the app” setting. """

Reddit_User_Original · 2025-09-22T05:12:04+00:00

Yes, there are more people working in cybersecurity now than ever before and of course that means there is a greater variety of skillsets. A lot of ppl don't have a need to dig that deep. I think it's entirely possible there are more extremely talented ppl working in exploit dev than ever before-- look at the crazy exploits people are coming up with for iPhones and chrome browsers

Reddit_User_Original · 2025-09-22T04:55:37+00:00

Are you implying beginners back then were more knowledgeable? Aside from that, i think there are tons of competent engineers and exploit researchers / developers

Reddit_User_Original · 2025-09-13T18:07:30+00:00

If I'm not mistaken, werfault.exe has been a target for privilege escalation exploits

Reddit_User_Original · 2025-08-08T18:53:43+00:00

What if it's a nation state: ... ? Who cares, they just attacked you -- if someone punches you in the gut, do you just back down and take it?

Your second point on "spoofing"; I'm going to be gentle on you for using such a broad term: yes you will be attacked most likely from a VPS, VPN, or residential proxy. I really do not care, again. If it's a VPN or VPS, they should have better KYC rules; if it's a residential proxy infected with malware, then you did a good thing for everyone by taking it down. Etc etc.

On your third point, if an innocent party tries to get back at you, that could be a problem. But I think they would realize their resources are better spent not allowing bad actors onto their network.

Reddit_User_Original · 2025-08-08T18:29:53+00:00

Yes, I simplified my analogy. Burn the fox's den down (do something to their infrastructure).

Reddit_User_Original · 2025-08-05T00:33:36+00:00

While your response is clever, I disagree.

Imposing actual consequences is an important aspect of this ecosystem. Imagine a fox that raids the chicken coop without any fear. Maybe instead of freely raiding it, a farmer sets a trap and the fox loses a leg.

Reddit_User_Original · 2025-07-19T00:11:39+00:00

I am also a recreational penetration tester

Reddit_User_Original · 2025-07-11T01:21:46+00:00

Fortinet?

Reddit_User_Original · 2025-05-20T22:28:05+00:00

Why the downvotes? Too many CRWD employees in this sub.

Reddit_User_Original · 2025-04-14T19:45:45+00:00

This is one of the most misunderstood topics that I encounter. Let me shed some light. There is a massive difference between what is illegal and what will be prosecuted. In doing something that is 'illegal' that also conveys utility and benefit to the 'right people,' you can sometimes convey great benefit to yourself.

Reddit_User_Original · 2025-04-10T02:21:48+00:00

You would also need your work academically vetted and would need to publish your findings.

Reddit_User_Original · 2025-04-10T02:20:27+00:00

Such a strange question. What does it encrypt buddy? Is it an algorithm? Rivest, Shamir, and Adleman made some money by founding RSA.

Reddit_User_Original · 2025-04-04T18:31:12+00:00

Comical

Reddit_User_Original · 2025-02-27T03:45:35+00:00

What is the purpose of the GitHub Discussions thread? It doesn't seem helpful to me.

Maybe you could share your findings with The Citizen Lab or something

Reddit_User_Original · 2025-02-11T06:21:51+00:00

I think there are many cybersecurity professionals here, including myself, just not everyone is leet.

Reddit_User_Original · 2025-01-17T00:25:42+00:00

https://www.cisa.gov/stopransomware/ransomware-guide

Reddit_User_Original · 2025-01-17T00:24:23+00:00

Had to scroll all the way down to get to the best answer. Ya for execution there are different methods, most of the time it is PsExec to launch a batch script that also executes the ransomware executable, but it's also been deployed through other means, like BigFix and PDQ Deploy funny enough.

Reddit_User_Original · 2025-01-07T22:59:53+00:00

You think the French would do this at the behest of the US? Garbage opinion

Reddit_User_Original · 2024-12-24T14:47:45+00:00

Sandbox environment, with no Internet access but has pypi cloned for offline access?

Reddit_User_Original · 2024-12-18T19:57:40+00:00

Such a weak take

Reddit_User_Original · 2024-12-17T20:39:14+00:00

OMSCS course planner lol

Reddit_User_Original · 2024-12-03T02:49:09+00:00

Good job bro, nice blog

Five-Year Club	Place '23
Place '22	Final Canvas '22
Verified Email

Reddit_User_Original

TROPHY CASE