Metasploitable2 - FTP Exploitation using vsftpd 2.3.4 Backdoor 1. Objective To identify and exploit a known vulnerability in an FTP service running on a vulnerable target machine using industry-standard reconnaissance and exploitation techniques. 2. Lab Environment Component Description Attacker Machine Kali Linux Target Machine Metasploitable2 Network Type Host-only / NAT
A critical kernel privilege escalation that leaves no trace on disk — and how it works It started with a blog post. On April 29, 2026, Theori's research platform Xint Code quietly dropped a URL: copy.fail. Within hours, security teams across the industry were scrambling. A 732-byte Python script — shorter than most .gitignore files — was rooting every major Linux distribution in existence. No race
This post is a continuation of the microservice I've been building. You can check out my last post in this series here. Over the years, I've come across headlines that turned out to be half‑truths or outright hoaxes. Around the same time, I’ve also been spending a lot of time practicing microservice development in Golang, so I started wondering: why not build something that combines both interests
This is Part 1 of a two-part series. Part 2 (coming soon): Connecting to spoke clusters from a controller using multicluster-runtime, driven by ClusterProfile. The Cluster Inventory API (multicluster.x-k8s.io) is driven by SIG-Multicluster and centered on the ClusterProfile resource. It only delivers value when something produces those ClusterProfiles. That something is a cluster manager. Today, t
When developers travel, we usually prepare the obvious things. Laptop charger. But there is one dependency that is easy to underestimate until it breaks: mobile internet. A trip to China makes this especially obvious. Not because China is hard to travel in, but because so many basic interactions are mobile-first: navigation, translation, ride-hailing, hotel communication, ticket confirmations, pay
A gestão de armazenamento na AWS sempre exigiu uma escolha difícil: a escalabilidade e o baixo custo do Amazon S3 (Object Storage) ou a facilidade de montagem e baixa latência do Amazon EFS (File Storage). Para aplicações legadas ou fluxos de trabalho que dependem de comandos de sistema de arquivos nativos, essa escolha muitas vezes significava reescrita de código ou custos elevados de infraestrut
A follow-up: how the architecture works In my previous article, I explained why I built NGB Platform and what problem it is trying to solve: I Built an Open-Source Platform Foundation for Accounting-Centric Business Apps That article was mostly about the why. Why generic web frameworks are not enough for serious business applications. Why large ERP products solve many of the right problems, but
We've been there. JSON Schema gets hard to write as soon as your payload is non-trivial. Conditional logic, cross-field rules, business invariants, and at some point we stop writing contracts at all. We go code-first, generate the schema from annotations, and end up with 200 lines very few understand, and error messages referencing paths like #/properties/items/allOf/0/then/Then that map to nothin