PinnedRunning a fake power plant on the internet for a monthThere is a lot more on the internet than just social media and banking websites…Jan 15, 20211Jan 15, 20211
JSON Smuggling: A far-fetched intrusion detection evasion techniqueTL:DR Insignificant whitespaces in the JSON standard can be used to encode data without breaking the format. This could aid malicious…Feb 7Feb 7
Digital False Flag Operations: A How-To GuidePinning your malicious cyber operations to the oppositionJan 26, 20231Jan 26, 20231
Building a Threat Intelligence Feed using the Twitter API and a bit of codeThe InfoSec community is highly active on Twitter. The platform is, among other things, used is for sharing malware and phishing URLs…May 28, 20222May 28, 20222
Running a WiFi-less Home Network: Security Paranoid EditionAnd a few reason why you should consider it.Nov 15, 20211Nov 15, 20211
The implications of neglecting IPv6 on your internet facing servicesTL;DR: Managing the online exposure of systems can be difficult. Sometimes IPv6 network configurations get forgotten, leading to services…May 12, 2021May 12, 2021
Spoofing JARM signatures. I am the Cobalt Strike server now!TL;DR: JARM is very useful fingerprinting tool, but can be deceived by replaying server hello’s from other services.Dec 25, 20201Dec 25, 20201