RattleSploitable

Introduction  At some point, we had to dive into developing programs in eBPF, and that time has finally come. In this post, we'll explore several different approaches to writing eBPF programs, including powerful tools like Cilium and BCC. I'll highlight the methods that I find most efficient and convenient, because as developers, our goal is to write code quickly and effectively, without unnecessary complications. So let's get straight to the point and see how we can streamline our eBPF development workflow.  I think I should clarify, my go-to method of coding eBPF programs is with Cilium and their bpf2go library. A spectacular and simple way of coding programs in kernelspace, with C like syntax, and a very comfortable way of adapting the userspace with Golang. It turns out that all you need to do that is the big brain of the people in Cilium. I won't spoil anything just yet, but keep in mind that all my tinkering with eBPF has been done with bpf2go .   I st

Introduction     As the title suggests, in this post we'll be discussing many things about Assembly language. This is a series I have been wanting to make for a while now. My experience with Assembly Languages started way back in 2018 when I was in College. There we had a particular subject called Computer and Network Fundamentals where we had to tinker with MIPS Assembly (talk about fundamentals). It was love at first sight.     Now it's been a few years since then, so my skills at programming with assembly language got a bit better (not by much though). In case there's anyone else in this world that would like to start writing a few programs with this wonderful technology, this post and most likely the few following are gonna be of great help, I hope. What exactly is Assembly Language?      All this talk about Assembly is great, but what exactly is it? I’m guessing most of you already have a basic understanding of what Assembly language is and how it funct

 Introduction     Hey there, tech enthusiasts! If you've been following along, you’re probably as a bit more familiar on what eBPF is and how it works. If not, do not fret. You can go an read my first post, The magic of eBPF I , where we’ve seen how this technology lets us peer into the depths of the Linux kernel, optimize performance, and bolster security. But like all powerful tools, eBPF isn’t all sunshine and rainbows.      Welcome to Part 2 of our eBPF series, where we delve into the flip side of this shiny new toy: the Challenges and Limitations . We’ll talk about the steep learning curve you might face, issues of compatibility with different kernel versions, potential performance overheads , and the security considerations you need to keep in mind when working with eBPF. Consider this your eBPF bootcamp, preparing you for the real-world hurdles you might encounter. Challenges and Limitations Learning curve complexity     Diving into eBPF is like jumping into the deep end

 Introduction     This post has been mainly inspired because I've been tinkering with eBPF for the past few months, getting to know it works. Now that I have what could be consider "Solid" knowledge on the matter, I thought to share and tell my experience and the possibilities I foresee with this technology.     If I say that the technology world, especially IT, is in constant evolution and change I surprise no one however, it's been a long time since we get something so potentially game-changing as eBPF is. Originally, it was designed to filter network packets, but now has grown into an incredibly versatile and powerful tool that enables developers and security engineers to run sandboxed programs in the Kernel space.     I'm fully aware that the moment you read Kernel a shiver was sent down your spine, and if it's not the case, I'm glad to meet another fellow low-level enthusiast. Regardless, you shouldn't be scared of any of this. To you as a pro