preloader

CLOAKED Labs

Technical posts on IT security

On how we can keep whispering the syscalls

On how we can keep whispering the syscalls

Disclaimer I started working on this post some time ago, and the new research/stuff was announced in between. I will not address SysWhispers3, very recent technique of Resolving SSN using Exception Directory and many others.

Continue Reading
OSINT with Docker

OSINT with Docker

Often, I find myself using the same tools on bare Windows, on WSL, on Kali VM, and on various remote shells. The installed version or configuration details vary, and I have to debug why things broke instead of simply running the intended tool.

Continue Reading
CVE-2021-26415

CVE-2021-26415

I’d like to share the details of CVE-2021-26415 (CVSSv3.0: 7.8) vulnerability that was patched on 2021-04-13. I found this bug somewhere around October 2020 and worked with Trend Micro’s Zero Day Initiative to report it to Microsoft.

Continue Reading
The gallery of HTTP headers

The gallery of HTTP headers

While learning Golang and working on some first experiments, I started a little side-project: a tool to download HTTP headers of most popular webpages. It would store them in a database, and do some analysis work.

Continue Reading