PinnedGrimminckRunning a fake power plant on the internet for a monthThere is a lot more on the internet than just social media and banking websites…7 min read·Jan 15, 2021--1--1
GrimminckJSON Smuggling: A far-fetched intrusion detection evasion techniqueTL:DR Insignificant whitespaces in the JSON standard can be used to encode data without breaking the format. This could aid malicious…5 min read·Feb 7, 2024----
GrimminckDigital False Flag Operations: A How-To GuidePinning your malicious cyber operations to the opposition5 min read·Jan 26, 2023--1--1
GrimminckBuilding a Threat Intelligence Feed using the Twitter API and a bit of codeThe InfoSec community is highly active on Twitter. The platform is, among other things, used is for sharing malware and phishing URLs…3 min read·May 28, 2022--2--2
GrimminckRunning a WiFi-less Home Network: Security Paranoid EditionAnd a few reason why you should consider it.5 min read·Nov 15, 2021--1--1
GrimminckThe implications of neglecting IPv6 on your internet facing servicesTL;DR: Managing the online exposure of systems can be difficult. Sometimes IPv6 network configurations get forgotten, leading to services…4 min read·May 12, 2021----
GrimminckSpoofing JARM signatures. I am the Cobalt Strike server now!TL;DR: JARM is very useful fingerprinting tool, but can be deceived by replaying server hello’s from other services.3 min read·Dec 25, 2020--1--1