Collaborate Disseminate
My friend walked into work with a porn site loaded into incognito in the background.
He didn’t click it while at work or open chrome it was just a background window.
Would it ping it or anything like that when it connected to wifi?
They… Continue reading Would a porn site open in the background generate network traffic?
My friend walked into work with a porn site loaded into incognito in the background.
He didn’t click it while at work or open chrome it was just a background window.
Would it ping it or anything like that when it connected to wifi?
They… Continue reading Would a porn site open in the background generate network traffic?
I am a student trying to demonstrate an ARP spoofing attack. To test whether my attack was working I decided to use wireshark to sniff the packets on the attacking machine. At first I thought I was able to intercept traffic with my ARP spo… Continue reading Is there a reason why ARP spoofing would be used for spying instead of sniffing promiscuously?
Imagine a web application, which is used for getting og Open Graph tags from url. User can submit a form, which has single url input. Server opens the url in a headless browser, get og:title, og:description and og:image value… Continue reading Leaking details about the user in web application
I registered mydomain.net (with Google domain registration server). In the DNS settings on the google control panel, I say that mail.mydomain.net should go to the email cloud app (business.zoho.com in this case, but that’s pr… Continue reading Certificate warning when I enable DNSSEC
Early this week, Archive.org hosted a dump of a SQL database hacked from a neo nazi forum online known as Iron March at https://archive.org/details/iron_march_201911. While there were some .CSV files, there was also an 750MB SQL database file. With some … Continue reading → Continue reading Using Bulk Extractor for Quick OSINT Wins
I am really at a loss trying to understand why a Metasploit Windows payload is indeed reached (see snapshot from Immunity below), executed (at least partially), but doesn’t pop a calc.exe at all.
The shellcode on its own, te… Continue reading Shellcode is jumped to and executed but runs into error
I have been trying to run a raw piece of shellcode collected on the net within a C wrapper to try it but it never works…
I know the shellcode below is all right because it does work in the context of what the article is al… Continue reading Windows shellcode not working in C
Recently one of the SANS SEC504 labs updated and with the changes came a new set of hashes from the exercises. These hashes are a perfect opportunity to dive a bit deeper and try to determine what hashing algorithm is … Continue reading → Continue reading A Quick Look at MDXFIND
I am building an authentication system to be used within a company’s private network. I do not administer this network, and I know very little about the setup, but my basic understanding is you must be on a local machine or VPN in to acces… Continue reading Is this private network authentication system secure?