Reinforcement Learning formulas cheat sheet| www.gabriel.urdhr.fr
PortSwigger “Concealing payloads in URL credentials”| /dev/posts/
My experience from the Codingame Spring Challenge 2025.| /dev/posts/
Testing ASCII smuggling| /dev/posts/
Books I read in 2024.| /dev/posts/
Keycloak UMA's implementation seems tricky to me.| /dev/posts/
How to quickly use llama.cpp for LLM inference (no GPU needed).| /dev/posts/
How to quickly use vLLM for LLM inference using CPU.| /dev/posts/
On August 20 1968, Czechoslovakia was invaded by the armies of| /dev/posts/
In a previous post,| /dev/posts/
In the User-Managed Access (UMA) 2.0 protocol,| /dev/posts/
Some notes about Donald Trump's 2025-02-19 weird statements about Ukraine and Volodymyr Zelenskyy.| /dev/posts/
Overview of neural network distillation| /dev/posts/
Some more tips for interacting| /dev/posts/
Some notes on how transformer-decoder language models work,| /dev/posts/
Extracting the system prompt from GitHub CoPilot.| /dev/posts/
In this post, I am describing some payloads which| /dev/posts/
A sequence diagram for WebSub (formerly PubSubHubbub).| /dev/posts/
An interesting note from the FBI.| /dev/posts/
A collection of ASCII-art protocol stack diagrams.| /dev/posts/
A simple way to display image in a terminal using the iTerm2 image protocol.| /dev/posts/
Shell command injection and Emacs Lisp injection vulnerabilities| /dev/posts/
Tutorial on how to get| /dev/posts/
Some commands for interacting with the namespaces| /dev/posts/
Some notes about using Podman instead of Docker,| /dev/posts/
Some context and analysis about attacks on| /dev/posts/
Manually inspecting the content of a French COVID-19 vaccination certificate QR code.| /dev/posts/
I found a cross-origin/same-site request forgery vulnerability| /dev/posts/
I found| /dev/posts/
Some scripts I wrote to enable system-wide push-to-talk| /dev/posts/
Using FlameGraph| /dev/posts/
How I found remote code execution vulnerabilities| /dev/posts/
Here is the workflow I am using to generate simple text documents| /dev/posts/
In Tail Recursion In Python,| /dev/posts/
Live sharing a terminal session to another (shared) host over SSH in| /dev/posts/
While looking at the OpenSSH ssh_config manpage, I found the| /dev/posts/
This is an overview of some recent additions to the SimGrid code| /dev/posts/
There has been some articles lately about Intel Active Management Technology (AMT)| /dev/posts/
FlameGraph| /dev/posts/
A simple way to create IP over| /dev/posts/
In a previous| /dev/posts/
RR is a very useful tool for debugging. It| /dev/posts/
If you try to use mutt, you will wonder how you are supposed to handle| /dev/posts/
How to create a private on-demand PostgreSQL instance accessible only| /dev/posts/
Some notes on the ELF 🧝 file format with references, explanations and| /dev/posts/
In my previous SimGrid post, I| /dev/posts/
Faster Than Light (FTL)| /dev/posts/
In Plasma 5, support for the XEmbed-based| /dev/posts/
How to use html-pipeline in| /dev/posts/
The Executable and Linkable Format (ELF) 🧝 is used for| /dev/posts/
The official guide for verifying| /dev/posts/
A short summary of the logging message workflow with| /dev/posts/
I updated a Geeksphone Peak from| /dev/posts/
Bundler is a tool to manage Ruby gem| /dev/posts/
The Broadband Forum as a lot of technical| /dev/posts/
You might want to use an open recursive DNS servers if your ISP's DNS| /dev/posts/
Some notes on ELF 🧝 loading and dynamic linking mainly for GNU userland| /dev/posts/
Today, I managed to forget a password but I had a Icedove (Thunderbird) process| /dev/posts/
The Apache HTTP server ships with a| /dev/posts/
In an attempt to simplify the development around the SimGrid| /dev/posts/
In two previous posts, I looked into cleaning the stack frame of a| /dev/posts/
In order to help the SimGridMC state comparison code, I wrote a| /dev/posts/
In the previous episode, we implemented a LLVM pass which does| /dev/posts/
Adding a basic LLVM pass| www.gabriel.urdhr.fr
Concealing XSS payloads| www.gabriel.urdhr.fr
GNU/Linux host name resolution| www.gabriel.urdhr.fr
UMA 2.0 diagrams| www.gabriel.urdhr.fr
Notes on X3DH| www.gabriel.urdhr.fr
OpenSSH tunneling guide| www.gabriel.urdhr.fr
Arbitrary code execution through kitty-open.desktop file association| www.gabriel.urdhr.fr
Analysing structured log files with simple tools| www.gabriel.urdhr.fr
Arbitrary file write in Stellarium file association| www.gabriel.urdhr.fr
MIME-type spoofing in Firefox/Thunderbird and file managers| www.gabriel.urdhr.fr
Code execution through MIME-type association of Mono interpreter| www.gabriel.urdhr.fr
OAuth 2.x and OpenID Connect sequence diagrams| www.gabriel.urdhr.fr
Stable Diffusion on an AMD Ryzen 5 5600G| www.gabriel.urdhr.fr
Extract the schema from a remote LDAP server| www.gabriel.urdhr.fr
Impact of the different Wifi security modes| www.gabriel.urdhr.fr
Lack of X.509 TLS certificate validation in OWASP ZAP| www.gabriel.urdhr.fr
DNS rebinding on ReadyMedia/minidlna v1.3.0 and below| www.gabriel.urdhr.fr
Introduction to TLS v1.3| www.gabriel.urdhr.fr
CSRF and DNS-rebinding to RCE in Selenium Server (Grid)| www.gabriel.urdhr.fr
DNS rebinding vulnerability to RCE in GeckoDriver| www.gabriel.urdhr.fr
Introduction to TLS v1.2| www.gabriel.urdhr.fr
Introduction to the Diffie-Hellman key exchange| www.gabriel.urdhr.fr
CSRF to RCE in GeckoDriver| www.gabriel.urdhr.fr
DNS rebinding vulnerability in GUPnP| www.gabriel.urdhr.fr
DNS rebinding vulnerability in pupnp and npupnp| www.gabriel.urdhr.fr
DNS rebinding explained| www.gabriel.urdhr.fr
TUN/TAP interface (on Linux)| www.gabriel.urdhr.fr
Firefox DoH DNS rebinding protection bypass using IPv4-mapped addresses| www.gabriel.urdhr.fr
Introduction to UPnP| www.gabriel.urdhr.fr
DNS rebinding and CSRF vulnerabilites on Samsung TV DIAL implementation| www.gabriel.urdhr.fr
Disable certificate verification on Android with Frida| www.gabriel.urdhr.fr
DNS rebinding vulnerabilities in Freebox| www.gabriel.urdhr.fr
Systemd-resolved DNS configuration for VPN| www.gabriel.urdhr.fr
Using dig as a LLMNR or mDNS CLI lookup utility| www.gabriel.urdhr.fr
Surprising shell pathname expansion| www.gabriel.urdhr.fr
IP address spoofing in order to watch South Park| www.gabriel.urdhr.fr
More example of argument and shell command injections in browser invocation| www.gabriel.urdhr.fr