For almost ten years I have self-hosted a blog, but I’ve reached a bittersweet moment. My site is generating too much traffic for me to continue to operate it […]
Category: General
Every single time I see someone post about how NFTs are horrible because someone can just screenshot it, I die a little inside. I can’t blame everyone for not […]
Table of contents: What is OpenAI?; Pandora’s Box is Open; Writing blog posts; Red Teaming; Proving AI is generating tool output; Stack Overflow questions and answers; How to identify OpenAI […]
The Linux command strings is an incredibly useful tool for finding hidden things in binaries. In this article, we’ll discuss how to use it to uncover hardcoded passwords, API endpoints, […]
The world of computer security was forever changed on March 14th, 2017, when a malicious piece of software known as the Eternal Blue exploit was released into the wild. This […]
The Heartbleed vulnerability is a security flaw in the popular OpenSSL cryptographic software library. It was discovered in April 2014 and affects a significant portion of the Internet’s secure web […]
DevOps is an increasingly popular software development methodology that combines the development and operations teams to create a more efficient and agile system. It has become a key part of […]
What are IDORs? Insecure Direct Object References (IDOR) is a type of vulnerability in web applications that allows attackers to access data that they should not be able to access. […]
I’m not one to give away bug bounty target companies, so once again due to the agreements we enter into with these companies, this company will henceforth be referred […]
Vulnhub is such a great resource for vulnerable virtual machines. Sometimes it can be hit or miss with the realism. At times it’s even laughable that the creator thought you’d […]
I’m back with another great vulnerable boot to root. This time it’s once again one from my favorite site, HackTheBox. If you’re here I’m assuming you already know what HackTheBox […]
Not a ton to talk about for this box. It’s an interesting CTF style machine but I’m not sure I’d rank it in the OSCP prep category. Just something fun […]
This is going to be a fast walkthrough. Nothing fancy here, I’m just going to switch over from Vulnhub boxes to HackTheBox boxes and I wanted to start with an […]
So it turns out that my Raspberry Pi webserver wasn’t as invulnerable to software upgrades as it was to hackers…
Unfortunately, <REDACTED> refused to give me permission to disclose this simple vulnerability I found on one of their web servers. So 11 months after I found it, with zero […]
THIS POST IS NO LONGER UP TO DATE – MINER IN THE MIDDLE WAS REWRITTEN IN PYTHON ON AUGUST 20TH 2020 PLEASE SEE THE GITHUB LINK TO GET THE UPDATED […]
So about six months ago I started researching how to disappear from the internets. I opted out of all the things. I threw mud in the water on social media […]
I managed to get an interview on Hak5 during Defcon 25 this year! Here’s the episode :-D
I’m in the process of hunting for a new VPN because my current one (Nord VPN) disconnects constantly when I use it with my Tomato Router. I recently came across […]
I can’t believe another year has come and gone! This was my fifth year at StirTrek and it was a doozy. This year we had a new venue, a new […]
Look there’s no easy way to say this, so I’m not going to sugar coat it for you. You’re a product. I know people say that all the time but […]
Hey, I know it’s been a while since I posted. I’ve been spending my free time training up for a new company. I recently came across this great site called Open […]
I’m a firm believer in understanding by doing. I wrote this nifty little SMTP enumeration tool and I wanted to share it. -> smtpenum /path/to/user_wordlist <target ip> <target port> That’s […]
So as some of my readers will know, I recently failed my first attempt at the OSCP certification. What many of you probably don’t know however is that I’m a […]
Well it’s been a solid 60 days of everything PWK. I’ve buffer overflowed, injected and wept at my desk at 3am. #Complete I’m happy to say that this was a […]
Well I know it’s been a few weeks since my last post and I just wanted to provide an update. Since my last post, I have begun my Offensive Security […]
Well it turns out that building that shell payload was the easiest part of the whole process. Mainly because I have messed around with shells and netcat a little […]
Well this simple task of reproducing a Metasploit exploit is turning out to be a HUGE learning experience. To quickly recap: we want to brute force an Apache Tomcat […]
So after my last post about getting into Tomcat with Metasploit I decided that Metasploit was fun to mess with but if I actually want to learn then I […]
Wow, what a week! I spent no less than 30 solid hours this week (in my free time) going through these books a little more and boy is there […]
Well I have finally pulled the trigger. I’ve decided that I am ready to start moving toward the security side of things. I think this is a natural step for […]
On my never-ending journey to becoming a software craftsman, I am once again faced with a fundamental question. To butcher knife or to scalpel?
Just as fast as it came, it is over again… I can’t believe Stir Trek is done. Stir Trek is by far one of my favorite conferences each year. This […]
So it turns out capacitors are actually pretty fun to play with. As you can see from the live feed image of me charging and discharging it over and over […]
Anyone that knows me knows I love a good hardware hack. The thing about working with hardware, especially hardware that you didn’t build, is that it isn’t always easy to […]
I don’t think anyone is immune to it. It’s a not so silent killer. I suffered from it like many people do. Its ugly name? Comfort Zone-itis. Catch it and […]
I am one of the fortunate sons in our field. I was lucky and ended up at a software company in North East Ohio that is one of the best […]
One of the common problems many developers have, regardless of whether they are working on a personal project, working on a team or even working in the enterprise environment, is answering […]
All men (and I am assuming women) want to leave a legacy. We all want to be remembered for doing something great in this world. We have all experienced the […]