Airbus CERT's Avatar

Airbus CERT

@airbuscert.bsky.social

We respond to incidents. βœ‰οΈ cert@airbus.com πŸ™ http://github.com/airbus-cert/ πŸ“” https://skyblue.team/

7 Followers  |  0 Following  |  2 Posts  |  Joined: 31.03.2025  |  0.7362

Latest posts by airbuscert.bsky.social on Bluesky

Analyzing the unsafe chroot behavior of sudo CVE-2025-32463 | Sky Blueteam A story of a bee, a sandwich and a crab

🐝 New blog post at skyblue.team/posts/unsafe...

At Airbus CERT, we worked on the sudo CVE-2025-32463 to create detection and hunting rules.
Based on the underlying vulnerability, we developed an eBPF based tool to monitor unsafe chroot behavior regarding NSS reloading.

github.com/airbus-cert/...

04.11.2025 15:30 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
GitHub - airbus-cert/minusone: Powershell Linter Powershell Linter. Contribute to airbus-cert/minusone development by creating an account on GitHub.

New release of minusone (v0.4.0) with a lot of new deobfuscation pattern : github.com/airbus-cert/...
🚨Online version : minusone.skyblue.team 🚨
#powershell #deobfuscation

30.07.2025 07:12 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

Ever dreamt of parsing the $I3O INDX files from a 80GB drive in under 10 seconds? ⏱️

Dream no more ✨ Courtesy of @eeriedusk.bsky.social and #RustLang πŸ¦€πŸ¦€πŸ¦€

#DFIR #Forensics

25.06.2025 12:09 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0