Defensive and offensive security in a nutshell

TL;DR The Windows client of  NordVPN  leverages DPAPI (Data Protection API ) to effortlessly save the login credentials of the customers. This is a suitable way for developers to avoid common pitfalls regarding cryptographic implementation and key management. However, this simplistic solution entails trivial plain-text password recovery. The goal of this article is to provide a walk-through on how easy is to dump the VPN credentials in a post exploitation scenario with the help of the mighty  Mimikatz . Analyzing the encryption and decryption routines of NordVPN Few days ago I was playing with what I already consider to be the best .NET debugger,  dnSpy , and the first application I happened to open was NordVPN client v6.23.11.0. After a quick code review I decided to focus on the login routine that auto-connects the VPN at startup. This routine is demanded to the third-party DLL 'Liberation.OS', that in turn, is also developed in .NET. Have a look for the documen

Properly securing your Docker containers can be a cumbersome and time consuming task. The goal of this technical walkthrough is to comfortably guide you through the steps involved in hardening your docker containers and securing your containerized infrastructure. Let's start with the basics, a checklist and common sense best practices, we can then move on to the key point of sandboxing a container: drop capabilities and create ad hoc security profiles. A good example of this is my own project which I have made available in my Github  repository , check it out for a much deeper technical insight. Preliminary steps 1)  Update Docker : Clearly this is the first thing to do, even more so when a clever container escape has been recently disclosed ( CVE-2019-5736 ).   2)  Deploy Only Trusted Docker Images :  enable the  Content Trust feature  for guarantee the authencity and integrity of the pulled images from Docker Hub. You can also arrange an offline registry available in you