Collaborate Disseminate
AutoRecon is a multi-threaded network reconnaissance tool which
performs automated enumeration of services. It is intended as a
time-saving tool for use in CTFs and other penetration testing
environments (e.g. OSCP).
https://github.com/T… Continue reading AutoRecon is taking too long to complete
I recently received a PDF file that, when attached to a gmail message, causes a warning to be displayed as follows:
Encrypted attachment warning – Be careful with this attachment. This message contains 1 encrypted attachment that can’t be… Continue reading Gmail warns about encrypted PDF file
Scenario:
Vendor 1 needs to upload data (.json, compressed .csv files, images and video) to an Azure blob storage container owned by Vendor 2
Vendor 1 is issued a limited duration SAS token each day to use
Azure does no scanning of incom… Continue reading Security pattern for third party uploads to Azure blob container
Many resources I come across state that one major advantage of full-port scans (e.g. SYN scans) is the fact that there is a lower risk of being logged. But why?
In my opinion, the sequence of segments exchanged in a SYN-scan (SYN >> SYN/A… Continue reading Why are full port scans more susceptible to being logged than half-open port scans?
In helping a corporate user log on to eBay, I noticed that when on the login page, a stream of errors were coming up in the Firefox JS Console about not being able to connect to wss://localhost. This is a bit concerning, obviously. Why wou… Continue reading eBay web site tries to connect to wss://localhost:xxxxx – is this legit or they have some Malware JS running?
When I run the command netstat -a to see the actual connections on my computer, I see all the time that my computer is connected to something like this ec2-xx-xx-xx-xx, not just one address it changes many times
Proto —- local address … Continue reading Why is my computer connected to amazon instances
My personal IPs on AWS are being scanned for 3379. Apparently, this is SOCORFS, registered to one Hugo Charbonneau. This port is getting scanned a lot more often in recent months:
https://isc.sans.edu/port.html?port=3379
Does anyone know … Continue reading Spike in activity with port 3379 (SOCORFS)
I have situation where I have to anlyse the third party components\libraries used in the code within the license terms and no know vulnerabilities.
I know there are tool name blackduck and whitesource which can meet the expectation, but w… Continue reading Are there any c# .net free software composition analysis tools to check opensource component used and its vulnerabilities and license [closed]
On my router(Virgin Media) I found a device labelled as “unknown” I often see the router not assigning the device name but I do have a clue about which device is.
However this specific device got me curious because in the port forwarding … Continue reading Investigate an unknown device connected to router
I know that it’s possible to do a passive scan on all channels to see if an access point sends a beacon. However, is it also possible to listen to general Wifi traffic on that channel and assemble a list of all active devices – both “clien… Continue reading Using an active or passive scan, can I detect all devices connected to or transmitting via a Wifi network?