-
KRaft: Apache Kafka Without ZooKeeper
Apache Kafka has been a cornerstone of modern event streaming architectures, enabling reliable and scalable data pipelines for businesses worldwide. Traditionally, Kafka has relied on ZooKeeper for managing metadata, configurations, and cluster coordination. However, the introduction of KRaft (Kafka Raft) marks a significant shift in Kafka’s architecture, eliminating the need for ZooKeeper and simplifying cluster management. What…
-
Using Kafka as a Fast Correlation Engine
In this article, we explore how Kafka Streams can be utilized for filtering and correlating events in real time, effectively transforming Kafka into a high-speed correlation engine. By leveraging the capabilities of ksqlDB, you can deploy content rules and filter alerts directly within Kafka. This approach enables real-time filtration and aggregation of log event flows using…
-
Fluentd: How to Use a Parser With Regular Expression (regexp)
This guide explains configuring Fluentd to extract structured data from unstructured log messages using the parser plugin with a regular expression (regexp). If you need to extract specific fields, such as log_source and index, from a log message, you can do this as follows. Input Log: { “message”: “Log source ‘WinCollect DSM – SRV-AD-001’ has…
-
We discovered several vulnerabilities in the Single Sign On components of WatchGuard: the protocol used is insecure and can be redirected, an interface based on the Telnet protocol contains a backdoor and the SSO Agent can be crashed by sending unexpected data.
We discovered several vulnerabilities in the Single Sign On components of WatchGuard: the protocol used is insecure and can be redirected, an interface based on the Telnet protocol contains a backdoor and the SSO Agent can be crashed by sending unexpected data. Go to Source
-
On 17 June 2024, Alexander Neumann will give a lecture at the Hasso Plattner Institut in Potsdam titled “Behind the Screens: Insights and Stories of Real-World Penetration Testing“. The slides are available for download under Talks.
On 17 June 2024, Alexander Neumann will give a lecture at the Hasso Plattner Institut in Potsdam titled “Behind the Screens: Insights and Stories of Real-World Penetration Testing“. The slides are available for download under Talks. Go to Source
-
As of today, RedTeam Pentesting’s website is available in a new design. Your feedback is welcome.
As of today, RedTeam Pentesting’s website is available in a new design. Your feedback is welcome. Go to Source
-
Alexander Neumann held the talk „Der Bitwarden-Biometrie-Unfall – Wenn ein Pentest nebenher einen kritischen Fehler im Passwort-Manager aufdeckt” at the event “Studierende treffen Alumni und Unternehmensexpert:innen” at the FH Aachen University of Applied Sciences. The German language slides are available for download under Publications.
Alexander Neumann held the talk „Der Bitwarden-Biometrie-Unfall – Wenn ein Pentest nebenher einen kritischen Fehler im Passwort-Manager aufdeckt” at the event “Studierende treffen Alumni und Unternehmensexpert:innen” at the FH Aachen University of Applied Sciences. The German language slides are available for download under Publications. Go to Source
-
We’ve published a blog post about a vulnerability we’ve discovered in Bitwarden at the beginning of 2023. It allowed accessing data from the vault without the password in certain circumstances.
We’ve published a blog post about a vulnerability we’ve discovered in Bitwarden at the beginning of 2023. It allowed accessing data from the vault without the password in certain circumstances. Go to Source
-
On 2 October 2023 Jens Liebchen held the talk “Gezielter Ausnahmezustand – Penetrationstests” as part of the event Fachschaftstagung Ingenieurswissenschaften of the Cusanuswerk. The German language slides are available for download under Publications.
On 2 October 2023 Jens Liebchen held the talk “Gezielter Ausnahmezustand – Penetrationstests” as part of the event Fachschaftstagung Ingenieurswissenschaften of the Cusanuswerk. The German language slides are available for download under Publications. Go to Source
-
A new version of monsoon has been released. Our new blog post covers the new features and improvements in detail.
A new version of monsoon has been released. Our new blog post covers the new features and improvements in detail. Go to Source