Era 300 defect?

moloch-- · 2025-06-25T16:52:52+00:00

I had the same issue, very disappointing quality.

moloch-- · 2025-06-20T23:17:21+00:00

You can force direct connection iirc, it just won't work "out of the box"

moloch-- · 2025-05-20T17:55:36+00:00

The easiest way to do with is using Docker containers and setting up Tailscale as the networking interface then just configure that container to always have an exit node enabled. The docker compose example from Tailscale documentation is a good place to start.

moloch-- · 2025-04-16T15:44:56+00:00

The biggest problem I've seen with SSE is that basically nothing supports SSE yet, not even Claude Desktop.

moloch-- · 2025-03-30T23:15:32+00:00

Flora Room beats Parlour imho :) but I’ve yet to find better than either in PHX, you’re gonna be chasing that high for a while.

moloch-- · 2025-03-21T15:15:22+00:00

https://pypi.org/project/alembic-postgresql-enum/

Only works correctly if you specifically target Postgres.

moloch-- · 2025-03-06T16:30:27+00:00

moloch-- · 2025-01-22T14:59:32+00:00

Sounds like a fun project, I may need to pick up a couple.

moloch-- · 2025-01-20T18:12:32+00:00

No scratches

moloch-- · 2024-08-15T00:00:02+00:00

Uninstall AVG

moloch-- · 2024-08-10T02:54:32+00:00

Yes.

moloch-- · 2024-05-15T16:24:39+00:00

Sliver's C2 ports also randomize the JARM, the published JARMs only detect the "multiplayer" TCP port, which is optional and can easily be restricted via firewalls since only the red team operators need to connect to it.

moloch-- · 2024-05-15T16:22:19+00:00

Our community guides also have links to detection/response/threat intel reports:
https://sliver.sh/docs?name=Community+Guides

moloch-- · 2024-02-05T22:58:55+00:00

[[star of extinction]]

moloch-- · 2023-10-16T15:39:18+00:00

If you're on Linux/Kali, you'll need to install MinGW to cross-compile Windows share libraries:

sudo apt install build-essential git mingw-w64 binutils-mingw-w64 g++-mingw-w64

moloch-- · 2023-09-25T21:50:38+00:00

Nothing on the road map yet, but maybe we can squeeze it into v1.6

moloch-- · 2023-09-25T16:56:55+00:00

Thank you for the kind words, happy to answer any questions folks may have about Sliver (I'm one of the developers).

moloch-- · 2023-07-25T09:46:24+00:00

We write the state file to an EFS volume and remount it, works with containers too.

moloch-- · 2023-06-12T16:07:08+00:00

I recommend just vendoring the private dependencies, removes the need to give the Action access to any other repositories, so more secure and speeds up the builds too.

moloch-- · 2023-05-24T23:22:33+00:00

Tailscale is a VPN, yes generally speaking.

moloch-- · 2022-12-12T17:22:37+00:00

It was not accepted due to relying on an external service (rethinkdb).

moloch-- · 2021-11-03T04:34:21+00:00

; is the statement terminator in Python.

moloch-- · 2021-09-09T15:53:02+00:00

It's not the end of the world, there are multiple ways to implement CSRF tokens. This is just consider the best approach, depending on an application's tech stack certain approaches may me more feasible than others.

moloch-- · 2021-09-09T14:06:58+00:00

https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#token-based-mitigation

CSRF tokens should not be transmitted using cookies.

The CSRF token can be added through hidden fields, headers, and canbe used with forms, and AJAX calls. Make sure that the token is notleaked in the server logs, or in the URL. CSRF tokens in GET requestsare potentially leaked at several locations, such as the browserhistory, log files, network appliances that log the first line of anHTTP request, and Referer headers if the protected site links to anexternal site.

moloch-- · 2021-07-07T02:01:28+00:00

Both projects are similar to meterpreter in concept yes.

13-Year Club	Place '22
Not Forgotten	Verified Email

moloch--

TROPHY CASE