PinnedRunning a fake power plant on the internet for a monthThere is a lot more on the internet than just social media and banking websites…Jan 15, 2021A response icon1Jan 15, 2021A response icon1
JSON Smuggling: A far-fetched intrusion detection evasion techniqueTL:DR Insignificant whitespaces in the JSON standard can be used to encode data without breaking the format. This could aid malicious…Feb 7, 2024Feb 7, 2024
Digital False Flag Operations: A How-To GuidePinning your malicious cyber operations to the oppositionJan 26, 2023A response icon1Jan 26, 2023A response icon1
Building a Threat Intelligence Feed using the Twitter API and a bit of codeThe InfoSec community is highly active on Twitter. The platform is, among other things, used is for sharing malware and phishing URLs…May 28, 2022A response icon2May 28, 2022A response icon2
Running a WiFi-less Home Network: Security Paranoid EditionAnd a few reason why you should consider it.Nov 15, 2021A response icon1Nov 15, 2021A response icon1
The implications of neglecting IPv6 on your internet facing servicesTL;DR: Managing the online exposure of systems can be difficult. Sometimes IPv6 network configurations get forgotten, leading to services…May 12, 2021May 12, 2021
Spoofing JARM signatures. I am the Cobalt Strike server now!TL;DR: JARM is very useful fingerprinting tool, but can be deceived by replaying server hello’s from other services.Dec 25, 2020A response icon1Dec 25, 2020A response icon1