Mark Manning
@antitree.com
Process isolationist, k8s hacker, ᴎo-prem pusher, syscall denier, container liberator
🔸Chainguard - Product Security
🔸Rochester 2600, IOIOIO Security
🔸Former: Snowflake, NCC Group, Hackerspace starter, BSidesROC Founder
Reposted by Mark Manning
I saw a tragically AI-generated version of this poster, so I have recreated a 100% human-made version for all your protest sign needs.
October 18, 2025 at 4:00 PM
Serious question: how do people buy cars without spending weeks at it? Do you roll into dealerships and just yeet the cash at them?
October 13, 2025 at 7:26 PM
Took me 3 hours to finally agree that kubernetes will do anything for Node Autoscaling based on available resources ... But it won't do THAT.
October 10, 2025 at 5:09 AM
This was 2600 meeting last night. It's getting overwhelming when you look closely
October 4, 2025 at 4:40 PM
I have ChatGPT instrumenting Claude so I can failover when it hits its rate limits. And I feel like that's what you're _supposed_ to do.
2025 is wild.
September 28, 2025 at 4:11 AM
Reposted by Mark Manning
Very late on getting this video out the door, but a teeny weeny showcase of the recent Docker for Desktop on Windows & MacOS container escape, CVE-2025-9074 -- proof of concept was included so a simple demo of arbitrary file write & file read on the host: youtu.be/dTqxNc1MVLE
September 3, 2025 at 1:05 PM
I'm pretty interested in this. Anyone else going?
queencitycon.org
Queen City Conference - Home
Queen City Conference is a 3 day cyber security conference that is held in Cincinnati Ohio between November 7th - November 9th
queencitycon.org
September 8, 2025 at 12:35 PM
I keep looking at Syd sandbox and I can't help but think it's actually implemented every feature I've wanted... And now it's in the other side like yeah but should we?
crates.io/crates/syd
crates.io: Rust Package Registry
crates.io
September 1, 2025 at 4:04 AM
An answer to everyone's question: "What if a Linux syscall was an anthropomorphic action figure?"
August 24, 2025 at 8:55 PM
Here's a writeup for a tool I released at #DEFCON Cloud Village called "pilreg". It also might help if you're playing @neutrino.bsky.social's Kubernetes CTF.
Thanks to @jon.dag.dev for teaching me about whiteout files which this tool hunts for.
www.antitree.com/2025/08/defc...
DEFCON Tool Release: Registry Pillage 2.0
www.antitree.com
August 10, 2025 at 6:39 PM
Catching @bouncyhat.bsky.social's talk in track 4. Pretty excited
August 8, 2025 at 6:20 PM
Is @defcon.bsky.social shop pwnd?
DEF CON merch shop shows a default item and no tickets share.google/xhUoAPEPfV77...
DEF CON merchandise shop
DEF CON Merchandise
share.google
August 7, 2025 at 3:19 PM
Are you hooked into this yet? Container CTF is pretty awesome.
Come play in one of the two Kubernetes Capture the Flag events we're facilitating at #DEFCON 33!
Fri – Sun : Learning CTF w/ Walkthrough
Saturday: Competitive CTF
First Place Prize (for a team on-site at DEF CON) is a Bambu Labs A1 Mini 3D printer!
containersecurityctf.com
@defcon.bsky.social
Container Security Capture the Flag
containersecurityctf.com
August 7, 2025 at 12:50 AM
Trying my best but I'm already exhausted by Vegas and I haven't even left yet.
August 2, 2025 at 2:53 PM
Chainguard let me sneak in a blog post about SLSA and secure build. There's a bunch of really smart people at this company doing cool and hard shit so here's some of it.
www.chainguard.dev/unchained/th...
This Shit Is Hard: SLSA L3 and Beyond
Chainguard goes through all the necessary steps to make things SLSA 3 compliant. Get the details on how we do it.
www.chainguard.dev
August 1, 2025 at 2:24 PM
Hey you... want to figure out if your seccomp-bpf container profiles are secure? ssh... don't tell anyone: seccompare.com
July 25, 2025 at 12:23 PM
Sometimes I tell people something was generated by AI just so they don't know how much time and effort actually went into building it.
ALT: a young man wearing a red hoodie and a yellow headband says " i try really hard actually "
media.tenor.com
July 24, 2025 at 2:35 PM
If anyone wants a software supply chain security jump scare: Clone hashicorp/vault and run "make". 🫥
July 21, 2025 at 3:17 AM
Shared this post with a friend. Can't top his response:
"Can it run Doom? Yes and no."
July 20, 2025 at 9:44 PM
Transportation security is a nightmare. Imagine building something for 200 years then waking up on a Friday and going "We should probably have the intern look into cyber security" and that's where we're at.
Yikes. Turns out you can send a plaintext radio signal to cause any train in the USA to do an emergency brake. The original 'security' was just a checksum, no encryption or authentication. Reporting this took them 12 years (!) because the vendor dismissed it initially www.cisa.gov/news-events/...
End-of-Train and Head-of-Train Remote Linking Protocol | CISA
www.cisa.gov
July 12, 2025 at 7:10 PM
My seccomp-diff tool is out which will extract seccomp BPF from a PID/container and let you diff it with other things.
The initial release with @neutrino.bsky.social at Shmoocon was more of a POC. More to come at #DEFCON
www.antitree.com/2025/07/secc...
Seccomp-Diff: Syscall Accountability Tool
www.antitree.com
July 7, 2025 at 2:43 PM
I won't have stickers this year for summer camp... But I will have Rochester branded swag to represent the 585.
July 7, 2025 at 12:35 PM
I'm ramping up for summer camp with some new tricks I learned from a container image layer expert that happens to be my coworker. Come to my Cloud Village talk to dive in. #defcon33
July 7, 2025 at 1:45 AM