Luis Toro (aka @LobuhiSec)Prepare your containers for the worst: a DFIR caseRecently, while talking to a colleague, he explained that he was facing a forensic case involving a service hosted in a container. The…Jun 14Jun 14
Luis Toro (aka @LobuhiSec)inTowards DevAWRBACS: AWACS for RBACTool: https://github.com/lobuhi/awrbacsMay 21May 21
Luis Toro (aka @LobuhiSec)DaemonSets: The Philosopher’s Stone of Lazy SysadminsIn the complex and ever-evolving landscape of system administration, Kubernetes DaemonSets have emerged as a seemingly magical solution…Feb 14Feb 14
Luis Toro (aka @LobuhiSec)The Orange’s RIPE Account Incident: Why Security Matters at Every Layer and ProcessThe cybersecurity world witnessed a concerning incident these days: the compromise of Orange’s RIPE account, obtained through the Racoon…Jan 5Jan 5
Luis Toro (aka @LobuhiSec)Understanding Post-Exploitation: A Crucial Element in Cybersecurity Defense StrategiesIn the digital landscape, cybersecurity is often conceptualized as a fortress that must be defended at all costs. However, this analogy…Nov 8, 2023Nov 8, 2023
Luis Toro (aka @LobuhiSec)Learning Golang: From 0 to multithreading in 3 days thanks to ChatGPTSome of you may already know about my tool byp4xx, a simple script to bypass 40X/HTTP responses that uses different methodologies. It…Jan 27, 2023Jan 27, 2023
Luis Toro (aka @LobuhiSec)Abusing ETCD to Inject Resources and Bypass RBAC and Admission Controller RestrictionsUPDATE 20/10/23: The detailed history below was the initial steps in the research on how to inject resources into etcd. The research…Jan 16, 2023Jan 16, 2023
Luis Toro (aka @LobuhiSec)Las implicaciones de ChatGPT para el sector IT y la ciberseguridadEl lanzamiento de ChatGPT ha sido uno de los eventos más importantes en el sector de tecnología e informática en los últimos años. ChatGPT…Dec 3, 2022Dec 3, 2022
Luis Toro (aka @LobuhiSec)How I made a reliable hacking tools and resources search engine in two days (~6500 entries!)https://lobuhi.github.io/Nov 3, 2022Nov 3, 2022
Luis Toro (aka @LobuhiSec)We all should stop reporting missing headers just because Burp Suite burps itSure, I’ve reported HSTS and cookie secure flags more times that I’d admit just because Burp says so.Sep 9, 20221Sep 9, 20221
