Posts

• Jan 27, 2022 Farewell Mozilla!
• Aug 14, 2020 Why Mozilla?
• Jun 25, 2020 I (got)? Hacked (by)? Personal Finance
• Apr 19, 2019 DIY Spear Phishing Exercises
• Jun 7, 2018 Password Managers as a Phishing Mitigation?
• Mar 16, 2018 Chronological Musing on Securing GitHub Pages
• Feb 1, 2018 Host header injections: what are they good for?
• Aug 11, 2017 Quick and Dirty Unauthenticated Web Application Scanning
• Jul 13, 2017 Anonymized Port Scanning w/ Docker+TOR
• Jul 11, 2017 Passing Blame & Stealing Credit w/ DVCS Metadata Attacks
• Feb 6, 2017 Preventing Subdomain Takeovers for Shared Hosting Providers
• Feb 3, 2017 'Deep Thoughts' on Subdomain Takeover Vulnerabilities
• Jun 23, 2015 Attacking Ruby Gem Security with CVE-2015-3900
• Feb 6, 2015 Stealing RubyGems API Keys during Post Exploitation
• Dec 22, 2014 Signed Ruby Gems: A c7decrypt walk-through
• Sep 22, 2014 Identify Crimeware Strains with Edit Distance
• Aug 18, 2014 Monkey Patching the Matrix
• Feb 14, 2014 'Reversing' Non-Proxy Aware HTTPS Thick Clients w/ Burp
• Oct 14, 2013 Fingerprinting Ubuntu OS Versions using OpenSSH
• Sep 16, 2013 Vino VNC Server Remote Persistent DoS Vulnerability
• May 13, 2013 Securing Continuous Integration Services
• Dec 31, 2012 Getting Terminal Access to a Cisco Linksys E-1000
• Aug 22, 2012 All Your Password Hints Are Belong to Us
• Aug 7, 2012 Stamping Out Hash Corruption, Like a Boss
• Sep 15, 2011 Advanced BNAT in the Wild

subscribe via RSS