Основы HTTP для кибербезопасности
В этой статье я хочу разобрать ключевые основы сетевых технологий, которые считаю базой для работы в сфере кибербезопасности более подробно и с примерами. Также стоит уточнить что статья получилась довольно обширной, но я старался писать только ключевые и важные моменты.
https://habr.com/ru/articles/975910/
#http #https #кибербезопасность #пентест #веббезопасность #curl #tlc #сетевые_протоколы
[Перевод] Анализ утечек ресурсов в Go: реальные кейсы и их решение
Команда Go for Devs подготовила перевод статьи о том, как GoLand помогает разработчикам вовремя находить и устранять утечки ресурсов. Файлы, соединения, HTTP-ответы, SQL-строки — всё это может незаметно накапливаться и ломать сервис под нагрузкой. В статье на реальных примерах показано, как одна пропущенная Close() приводит к сбоям, и почему встроенный анализ утечек становится незаменимым инструментом для стабильного продакшена.
HTTP/1 vs HTTP/2 vs HTTP/3 This article provides a detailed, clear-cut analysis of HTTP/1 vs HTTP/2 vs HTTP/3, focusing on how each version improves (or fails to improve) web performance, efficiency, and modern use cases.
What is HTTP?
HTTP stands for Hypertext Transfer Protocol. It’s the foundation of data communication on the World Wide Web. When you visit a website, your browser uses #HTTP to request content (like text, images, videos) ...
Continued 👉 https://blog.radwebhosting.com/http-1-vs-http-2-vs-http-3/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #quiccloud
NANOREMOTE, cousin of FINALDRAFT
A newly discovered Windows backdoor called NANOREMOTE shares similarities with previously known malware FINALDRAFT. NANOREMOTE's key feature is using the Google Drive API for data exfiltration and payload staging, making detection challenging. The malware includes a task management system for file transfers and incorporates functionality from open-source projects. It communicates with a hardcoded IP address over HTTP, using encrypted and compressed JSON data. NANOREMOTE has 22 command handlers enabling various capabilities such as system reconnaissance, file operations, and command execution. The malware's similarity to FINALDRAFT suggests a shared codebase and development environment between the two threats.
Pulse ID: 6939bd81fe359cfc48685131
Pulse Link: https://otx.alienvault.com/pulse/6939bd81fe359cfc48685131
Pulse Author: AlienVault
Created: 2025-12-10 18:35:45
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #CyberSecurity #Google #HTTP #InfoSec #Malware #OTX #OpenThreatExchange #RAT #RCE #Windows #bot #AlienVault
»This project exists because there aren't many native graphical HTTP testing applications / graphical alternatives to cURL that are fully #FreeSoftware, and I think the world has had enough of Electron / non-native applications that are anonymously accesible until one day you are forced to create an account and log in to use just to make some investor happy with their numbers or to chug some unwanted artificial intelligence at users.«
Mission Statement for #Cartero, an #HTTP client #software by @danirod. https://cartero.danirod.es/
No matter whether the software is great or not (will try it!), I love that motivation and the clear wording. I think the world needs more software with a mission. 😀
Testing Redirects with Curl
#curl #webdevelopment #devops #webperformance #http #debugging
En 1989-1991, le CERN a vu naître le Web. Tim Berners-Lee & Robert Cailliau ont créé HTML & HTTP pour connecter les chercheurs. Le modèle open source fut décisif, posant les bases de notre société numérique. Un héritage technologique fondamental.
⏩️ https://linkeaz.net/fr/posts/invention-web-html-http-cern-1989-1991
Bun 1.3.4 přináší praktické vylepšení a opravy, které usnadňují vývoj aplikací v JavaScriptu a TypeScriptu. Novinky zahrnují moderní routing, rychlejší testování a stabilnější runtime.
https://zdrojak.cz/clanky/bun-v1-3-4-urlpattern-fake-timers-lepsi-buildy-a-desitky-oprav/
Improve TTFB and UX With HTTP Streaming, by @mb21:
https://calendar.perfplanet.com/2025/improve-ttfb-and-ux-with-http-streaming/
Critical React2Shell Vulnerability Under Active Exploitation by Chinese Threat Actors
A critical vulnerability dubbed 'React2Shell' (CVE-2025-55182) in React Server Components is being actively exploited by Chinese threat actors. The flaw affects multiple versions and packages, allowing arbitrary code execution through crafted HTTP requests. Approximately 39% of scanned cloud environments contain vulnerable React instances, with exploitation attempts showing a near 100% success rate. The vulnerability impacts popular frameworks and libraries bundling react-server. Chinese state-sponsored groups, including Earth Lamia and Jackpot Panda, are reportedly involved in the attacks. Organizations are urged to identify vulnerable assets, apply patches immediately, and block malicious IP addresses associated with exploitation attempts.
Pulse ID: 693709f0f23052bc9faefdc4
Pulse Link: https://otx.alienvault.com/pulse/693709f0f23052bc9faefdc4
Pulse Author: AlienVault
Created: 2025-12-08 17:25:04
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Chinese #Cloud #CyberSecurity #HTTP #InfoSec #OTX #OpenThreatExchange #RAT #Vulnerability #bot #AlienVault
Funxy — гибридный язык программирования со статической типизацией
Funxy — гибридный язык программирования со статической типизацией, pattern matching и удобной работой с бинарными данными. Для чего подходит Скрипты и автоматизация. Один бинарник без зависимостей — скачал и работает. Встроенная работа с файлами, JSON, HTTP, SQL. Небольшие приложения. CLI-утилиты, API-сервисы, обработка данных. Работа с бинарными данными. Парсинг на уровне отдельных битов. Сетевые протоколы, форматы файлов, нестандартные структуры. Обучение программированию. Простой синтаксис, но с важными концепциями: типы, pattern matching, иммутабельные структуры данных, рекурсия с TCO (можно писать рекурсивный код без страха переполнения стека).
https://habr.com/ru/articles/974674/
#haskell #monad #tco #скриптовый_язык #разработка_языков_программирования #функциональное_программирование #рекурсия #matching #bitstring #http
.NET 10 Networking Improvements
https://devblogs.microsoft.com/dotnet/dotnet-10-networking-improvements/
#microsoft #NET #Networking #NET_10 #http #net_security #web_sockets
[Перевод] Лучше, чем JSON: почему я перешёл на Protobuf
Команда Go for Devs подготовила перевод статьи о том, почему автор почти десять лет не использует JSON в своих API и предпочитает Protobuf. Он объясняет, как строгая типизация, компактная бинарная сериализация и генерация кода дают разработчикам больше надёжности и скорости.
I have a question for anyone who happens to be knowledgeable about web standards:
The same way we had the (failed?) "DoNotTrack" header... Is there any working group or initiative working on an #HTTP header sent by the browser (or similar mechanism) to signal that the user wants an ecological/lightweight website? Something like "SaveEnergy" or "LowEnergy", or "LightweightMode".
Would it make sense? Or do you foresee that it would fail for some specific reasons?
P.S.: Of course I would prefer if we didn't have to signal our discontent with the unjustifiably big and unoptimized web pages that we are served.
P.S.2: Now I am feeling tempted to write a browser extension for people who want to use "alternative communication channels" (HTTP headers) to "yell" arbitrary stuff at certain websites (It would be glorious if we could coordinate a big "Fuck you, Google", or, in a more positive tone, "Free Palestine!").
No big deal, but the #Wikipedia page of .ng, the #TLD of #Nigeria has a link embedded to #NIRA. The link is plain #HTTP. When opening the page, the #web server does not forward to #HTTPS.
That actually makes me think about a new feature proposal for the #Wikimedia foundation: Why don't you check if websites have a secure HTTPS endpoint, and update all links in your database? Your platform is a huge database of links, thus I'd see the responsibility (at least partially) on your end.
Thanks!
Decreasing Certificate Lifetimes to 45 Days, by @mattm (@letsencrypt):
“Ingress #NGINX, for those who don't know it, is an ingress controller in #Kubernetes clusters that manages and routes external #HTTP and #HTTPS traffic to the cluster's internal services based on configurable Ingress rules.
It acts as a #ReverseProxy, ensuring that requests from clients outside the #cluster are forwarded to the correct backend services within the cluster according to path, domain, and TLS configuration”
Technical Analysis of Matanbuchus 3.0
Matanbuchus, a C++ malicious downloader offered as Malware-as-a-Service since 2020, has evolved to version 3.0. It comprises a downloader and main module, utilizing obfuscation techniques like junk code, encrypted strings, and API hashing. The malware implements anti-analysis features, including an expiration date and persistence via scheduled tasks. It communicates using encrypted Protobufs over HTTP(S), supporting various commands for payload execution, data collection, and system manipulation. Matanbuchus has been associated with ransomware operations and used to distribute other malware like Rhadamanthys and NetSupport RAT.
Pulse ID: 692ff91584de642b1a8cbd3b
Pulse Link: https://otx.alienvault.com/pulse/692ff91584de642b1a8cbd3b
Pulse Author: AlienVault
Created: 2025-12-03 08:47:17
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #HTTP #InfoSec #Malware #MalwareAsAService #NetSupport #NetSupportRAT #OTX #OpenThreatExchange #RAT #RansomWare #Rhadamanthys #bot #AlienVault
