sueden.social ist einer von vielen unabhängigen Mastodon-Servern, mit dem du dich im Fediverse beteiligen kannst.
Eine Community für alle, die sich dem Süden hingezogen fühlen. Wir können alles außer Hochdeutsch.

Serverstatistik:

1,9 Tsd.
aktive Profile

#http

6 Beiträge6 Beteiligte0 Beiträge heute
Antwortete im Thread

🧵 3/3 - The Making Of

I kept getting #HTTP 413 "Payload Too Large" errors on my #fediverse instance - it's not mine-mine, i'm just a guest here - layer8.space is run by @Sammy8806 (thanks, mate 🖖)

👉 1st, there was 1080p60 with audio
👉 then i trimmed and rendered it out as 720p30 with audio on the Galaxy S7
👉 on the PC, using #ffmpeg, i've removed the audio and rendered it out at 15 fps
👉 i've cropped it to 5 seconds

ffmpeg -i src.mp4 -an -c:v libx264 -vf "fps=15" -t 5 out-15fps-noaudio-5s.mp4

iX-Workshop: API-Design und -Entwicklung mit HTTP, REST und OpenAPI

Lernen Sie, wie man effiziente und benutzerfreundliche APIs entwickelt, HTTP- und REST-Standards anwendet und standardisierte Referenzdokumentationen erstellt.

heise.de/news/iX-Workshop-API-

heise online · iX-Workshop: API-Design und -Entwicklung mit HTTP, REST und OpenAPIVon Ilona Krause
#API#HTTP#IT

A New Breed of Infostealer

A newly discovered .NET-based infostealer, Chihuahua Stealer, combines common malware techniques with advanced features. The infection begins with an obfuscated PowerShell script shared via Google Drive, initiating a multi-stage payload chain. Persistence is achieved through scheduled tasks, and the main payload targets browser data and crypto wallet extensions. Stolen data is compressed, encrypted using AES-GCM via Windows CNG APIs, and exfiltrated over HTTPS. The malware employs stealth techniques, including multi-stage execution, Base64 encoding, hex-string obfuscation, and scheduled jobs. It targets browser data, crypto wallets, and uses unique identifiers for each infected machine. The stealer's sophistication is evident in its use of Windows Cryptography API for encryption and its thorough cleanup process.

Pulse ID: 682345233e3c2b7479bfdf61
Pulse Link: otx.alienvault.com/pulse/68234
Pulse Author: AlienVault
Created: 2025-05-13 13:12:03

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

RFCs you should probably read if you're bug hunting modern stacks:

* RFC 8820: URI Design and Ownership
* RFC 8725: JSON Web Token Best Current Practices
* RFC 9110: HTTP Semantics
* RFC 9111: HTTP Caching
* RFC 9112: HTTP/1.1
* RFC 9113: HTTP/2
* RFC 9114: HTTP/3

Also worth a read:

* RFC 7230: Message Syntax and Routing
* RFC 7231: Semantics and Content
* RFC 7232: Conditional Requests
* RFC 7233: Range Requests
* RFC 7234: Caching
* RFC 7235: Authentication

#research, #exploitation, #http