SOC-CERT is an AI-powered open-source threat intelligence system that monitors CVEs from CISA, NIST, CERT-FR & OTX, delivering real-time alerts at zero cost. This is a submission for the AI Agents Challenge powered by n8n and Bright Data 🛡️ What I Built ⚡ TL;DR: 📖 Description: 🚀 Unique Innovation: soc-cert-workflow-architecture.png🏗️ Architecture Overview: ⚡ Complete threat intelligence automation pipeline processing 100+…

Intro Grzegorz Tworek recently published some C code demonstrating how to steal and impersonate Windows tokens from a process. The standard way to do this is with the OpenProcess, OpenProcessToken, DuplicateTokenEx, and ImpersonateLoggedOnUser APIs. Grzegorz shows how to achieve the same using Nt* APIs, specifically NtOpenProcess, NtOpenProcessToken, NtDuplicateToken, and NtSetInformationThread. Because I’m a C# junky, I…

What is BadUSB? Using the STM32F407 development board, we’ll study HID device development and implement a low-cost BadUSB. This article uses the development board for testing. Those with the means can also create a PCB prototype and print the enclosure to create a highly realistic BadUSB.BadUSB is an attack that masquerades as a USB HID…

MCP adoption is picking up quickly, so I have been digging into the implementations, especially around security and noticed some serious risks that could become disasters if not handled properly. The new MCP 2025-06-18 spec attempts to address some issues but the reality of most servers with boring security debt will bite you when you…

This article explores how ARMO researchers leveraged the io_uring mechanism to bypass popular Linux security monitoring tools such as Falco and Tetragon. It also demonstrates the workings of the open-source attack tool Curing, explaining its core calls, exploitation process, and potential defense strategies. Background The ARMO research team recently revealed a major flaw in Linux…

This article details methods for debugging packaged Electron applications, including main/renderer process debugging techniques, ASAR file extraction and modification, debugging tool installation, and solutions for common issues like WebSockets request errors, ideal for Electron developers troubleshooting applications. Even after an Electron application has been packaged and distributed, it’s still possible to debug it using various…