24 Oct 2016
Note: The following article is intended to be highly tongue-in-cheek as it points out the glaringly obvious. I do not condone following any of the hypothetical “instructions” outlined in the thought experiment provided. This information is already known to the crooks out there who are doing nasty things to our internet, so its not like writing about it is going to do anyone any harm… The views expressed here are probably my own (on Tuesdays, at least) and do not represent the views of my cat,...
26 Nov 2015
Today there was a critical vulnerability in various VPN providers disclosed by the Perfect Privacy VPN’s security team. This vulnerability can lead to “unmasking” or “decloaking” of VPN users under certain conditions, and after some analysis of how it works, I determined that this issue is of utmost importance to those who use VPN services to mask their bittorrent traffic from MAFIAA scum, as it can allow for ‘uncloaking’ of Bittorrent users quite readily.
12 Sep 2015
This is another lab report dug up from the archives of lab reports for the fun of it.
27 Jul 2015
This is a quick post, kind of a reposting of a thing I pastebinned about a year ago that has served me REALLY well in evading stupid paywalls in airports and the likes. Also in evading a ridiculous firewall at the Uni I sometimes attend.
15 Jul 2015
4 months ago…
I was examining using ‘ElasticSearch’ as a logging mechanism for recording and searching data from a network of honeypots I run. Well, a mixture of ElasticSearch and Kibana, for logging Kippo and suchlike, when I stumbled across a posting on the “Wooyun Drops” Chinese security research blog detailing a vulnerability in the (at the time current) version of ElasticSearch.
08 Jul 2015
This is a quick post to splainz the methodology behind how we were able to make fingerprints for the Hacking Team and Equation Group C&C infrastructure allowing remote identification of their servers, as shown in The Italian Job and Equation Smasher releases on Github.
15 May 2015
Starting the DroidDestructionKit
The following set of instructions will guide you in how to get the DroidDestructionKit toolset up and running on your machine once you have the Virtual Machine Appliance imported into
your installation of Virtualbox.