Hi there!

This is a personal blog of 0xCardinal. I write about Information Security, Learnings, CTF WriteUps, etc.

VSCode Security Cover Image

VS Code Security: Looking at the IDE from Security Lens

While perusing StackOverflow's 2023 Developer Survey (yes, we developers have our own version of celebrity gossip), I couldn’t help but notice that our trusty VSCode is still riding high as the undisputed IDE champ. With a whopping 73% of the developer vote, it’s safe to say that VSCode has firmly planted its flag. But, like any superstar, it’s not immune to the spotlight’s glare, especially when it comes to security. And in this blog, we’ll explore the security aspects that every VSCode user should consider....

September 14, 2023 · 6 min · Kumar Ashwin
Investgating Reported CVEs Cover

Investigating Reported Vulnerabilities: A Closer Look!

In vulnerability scanners or penetration testing reports, you might come across statements like “Service version x.y.z is vulnerable to CVE-YYYY-ABCD." However, it’s essential to delve deeper to confirm the actual vulnerability. Let’s consider a real example: We received a vulnerability report indicating a vulnerability ( CVE-2023-23916 ) in curl v7.74.0 within the Debian 11 environment. The CVE documentation mentions: Affected versions: curl 7.57.0 to and including 7.87.0 At first glance, it appears that v7....

July 30, 2023 · 2 min · Kumar Ashwin
Kubernetes Components Cover

Kubernetes Components

In this blog post, we are going to talk about different components used in Kubernetes and what purpose each component serve. We will be talking about the following - Pods Service Ingress ConfigMap Secret Deployment StatefulSet ReplicaSet DaemonSet Use-case that will be used througout the blog will be hosting a web application with application code and database in different pods. Before starting this blog, if you want to learn about the underlying concepts - Read “Kubernetes Concept”...

June 18, 2023 · 7 min · Kumar Ashwin
Rubber Ducky Cover

My Experiments with Raspberry Pi Pico - Poor Man's Rubber Ducky

Mr. Robot Season 2 Episode 9 - “Rubber Duckie, You’re The One” - I was fascinated by this piece of technology when I first saw it many years ago. Then I looked it up on the internet to learn more about it, and it turned out to be HID, or Human Interface Device. It basically imitates users and executes code or performs actions in their place. Since the real rubber ducky was out of my budget, I looked for alternatives and discovered that similar behaviour to the rubber ducky can be achieved using a less expensive piece of hardware - the Raspberry Pi Pico (7$)....

February 4, 2023 · 7 min · Kumar Ashwin
Docker Security Blog Cover Image

Docker Security

Last Updated on 2nd Feb 2023. Containers? Why do we need containers over VMs - Efficient Resource Consumption between containers Once License for services/OS Low Compute Overhead What does docker engine does? Emulates Filesystem Gives each container unique process ID Isolation of container process Communication between the architecture components - Components Docker client (The one user interacts with) Docker Host Docker Daemon Images Containers Registry Docker client using serveral API calls sends the commands to Docker Engine which is being forwarded to containerd....

February 2, 2023 · 7 min · Kumar Ashwin
Zone Identifier Blog Cover Image

Zone Identifier - Is your file downloaded from the internet?

Have you ever wondered, why your file is not working after downloading it from the internet? How does system know if the file is downloaded from the internet? The answers to this is Zone.Identifiers. What are Zone Identifiers? Zone Identifiers is an alternate data stream that points, from where the file came on the users' computer. Note: Alternate Data Streams are included with files on WIndows. This is typically the case with downloaded and blocked files....

October 6, 2022 · 2 min · Kumar Ashwin
DKIM Cover

Understanding DKIM - Email Security Series

DKIM is a technological advancement in the field of email security. SPF prevents non-authorized servers from sending emails, but it does not prevent all attempts at spoofing. This is where our next level of security comes into play. DKIM or Domain Keys Identified Mail aids to the security of the email as it adds a digital signature to every outgoing message, allowing receiving servers to verify that the message came from your organization....

July 26, 2022 · 4 min · Kumar Ashwin
SPF Cover

Understanding SPF - Email Security Series

Sender Policy Framework or SPF is an email authentication platform. It helps in specifying who is allowed to send emails from your domain. Making it harder for fraudsters to spoof sender information. RFC 7208 - https://datatracker.ietf.org/doc/html/rfc7208 SPF Records are used to specify the origin of the email to the world. It can be considered as a public list that specifies where an email is sent from. How does SPF records look like?...

July 25, 2022 · 4 min · Kumar Ashwin