Tags
- Programming Pearls 2
- Algorithms 5
- Book list 1
- Number theory 1
- Pin 1
- Fundamentals 4
- exploit 6
- Cracking 2
- Windows internals 1
- SEH 1
- Records of the Grand Historian 3
- Cryptography 1
- Book reviews 1
- Linux kernel 10
- Job applications 1
- Linux 2
- QEMU 9
- Virtualization 23
- XEN 2
- Kernel 27
- Python 1
- Symbolic execution 2
- windows kernel 1
- Vulnerabilities 4
- qemu 3
- kvm 1
- KVM 2
- SECCOMP 1
- glibc 1
- eBPF 1
- trace 3
- perf 1
- Networking 1
- container 5
- runc 3
- Java 1
- Vulnerability analysis 5
- Container escape 2
- Containers 1
- gVisor 1
- Technology 4
- Security 1
Programming Pearls
Algorithms
Book list
Number theory
Pin
Fundamentals
- linux-tracing-workshop-part 3
- linux-tracing-workshop-part 2
- linux-tracing-workshop-part 1
- Introduction to the autotool tools
exploit
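- Analysis of the VMware COM1 virtual machine escape vulnerability
- VENOM vulnerability analysis and exploitation
- Exploit writing notes 3: writing a Metasploit exploit
- Exploit writing notes 2: SEH-based exploits
- An XDCSC2010 overflow challenge
- Exploit writing notes 1: stack-based overflows
Cracking
Windows internals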
SEH
Records of the Grand Historian
Cryptography
Book reviews
Linux kernel
- Linux kernel networking: a general introduction
- Anatomy of the Linux block device driver
- Anatomy of the Linux 'bdev' file system
- Anatomy of the Linux device driver model
- Anatomy of the Linux loadable kernel module
- Anatomy of the Linux character devices
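- Overview of Linux memory management
- Introduction to the Linux process address space
- Linux file extended attributes and retrieving them from within the kernel
- Getting a file's path name from the inode structure in the Linux kernel
Job applications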
Linux
QEMU
- make QEMU VM escape great again
- QEMU interrupt emulation
- QOM Property
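- Introduction to qemu live migration
- PIO handling in QEMU-KVM
- Introduction to QOM
- Introduction to QMP
- Debugging the Linux kernel with QEMU
- QEMU argument parsing
Virtualization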
- Run lguest on Linux kernel 4.4
- QEMU RCU implementation
- kvm performance optimization technologies, part two
- My qemu/kvm book has been published
- kvm performance optimization technologies, part one
- vDPA kernel framework introduction
- Linux vsock internals
- A brief overview of cloud-hypervisor, a modern VMM
- qemu VM device passthrough using VFIO, the code analysis
- VFIO driver analysis
- VFIO usage
- QEMU interrupt emulation
- QOM Property
- KVM MMIO implementation
- Local APIC virtualization
- Analysis of a 0x5c BSOD caused by timer interrupt in KVM when VMs reboot
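- PIO handling in QEMU-KVM
- Introduction to QOM
- Introduction to QMP
- Debugging the Linux kernel with QEMU
- Setting up bridged networking for Xen 4.5 virtual machines on CentOS 6.7
- Installing Xen from source on CentOS 6.7
- QEMU argument parsing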
XEN
Kernel
- seccomp user notification
- hello world driver
- QEMU RCU implementation
- kvm performance optimization technologies, part two
- My qemu/kvm book has been published
- kvm performance optimization technologies, part one
- Linux kernel perf architecture
- vDPA kernel framework introduction
- How eBPF program connects with tracepoint
- Linux tracing - trace event framework
- Linux tracing - kprobe, uprobe and tracepoint
- Linux vsock internals
- Write eBPF program in pure C
- cgroups internals
- pid namespace internals
- user namespace internals
- VFIO driver analysis
- intel IOMMU driver analysis
- IOMMU introduction
- Linux static_key internals
- KVM async page fault
- system call analysis: mount
- vsyscall and vDSO
- Anatomy of the seccomp
- dkms 101
- Introduction to kbuild, the Linux kernel build system
- Debugging the Linux kernel with QEMU
Python
Symbolic execution
windows kernel
Vulnerabilities
qemu
- qemu VM device passthrough using VFIO, the code analysis
- qemu/kvm dirty pages tracking in migration
- Add a new qmp command for qemu
kvm
KVM
SECCOMP
glibc
eBPF
trace
- How eBPF program connects with tracepoint
- Linux tracing - trace event framework
- Linux tracing - kprobe, uprobe and tracepoint
perf
Networking
container
- containerd CVE-2022-23648: path traversal never die
- Container escape using dirtypipe
- runc internals, part 3: runc double clone
- runc internals, part 2: create and run a container
- runc internals, part 1: usage, build and source architecture
runc
- runc internals, part 3: runc double clone
- runc internals, part 2: create and run a container
- runc internals, part 1: usage, build and source architecture
Java
Vulnerability analysis
- Why Golang eat my fd 3 in child process
- CVE-2021-3493 Ubuntu overlayfs privilege escalation vulnerability analysis
- containerd CVE-2022-23648: path traversal never die
- Container escape using dirtypipe
- CVE-2022-0492: how release_agent escape become a vulnerability
Container escape
Containers
gVisor
Technology
- Run lguest on Linux kernel 4.4
- The anatomy of chroot escape
- Multi-thread process can't unshare pid namespace (in some old Linux version)
- Linux process capability change through execve syscall