Category: Blog

Security Misconceptions 2020

Yesterday I did a SANS @Mic talk where I presented on common security misconceptions. The talk discovers many pits and fallacies we make while consulting ourselves and others within information security. I hope it’s interesting! You can find it here:

07/05/2020
Youtube Series – Bookshelf review

A series on the books on my bookshelf has been completed. You can find all the videos here: https://www.youtube.com/playlist?list=PLag7W-lJE2Aw4m1754iJd3tQlgnr4eAeQ

07/04/2020
Youtube Series – Web Hacking

I’ve got 27 videos on how to work with web hacking, working through the popular wargame OverTheWire.org, specifically the game called Natas. Check out my videos here: https://www.youtube.com/playlist?list=PLag7W-lJE2Aw8hzezQl17ZlE6CfNS3nYu

05/03/2020
Gmail alert on senders who might be trying to phish you

I noticed a great new alert today on my GMail account. Previously I’ve received emails from David Cohen on his business email, however he suddenly sent me an email from his private email address. This sparked Gmail to give me an alert, saying that this individual might be pretending to be someone they’re not. Pretty […]

29/03/2019
Netcat backdoor without -e and mimicking Netcat with bash

Netcat backdoor without -e (execute option) Netcat is installed by default on a lot of Linux systems, however we are seeing more and more Netcat’s are compiled without the -e option. The -e options allows us to execute and serve an executable over the connecting socket. It is incredibly handy feature, both for controlling an executable over a network connection, […]

15/10/2017
Smart House Attack Vectors

There’s a very healthy debate going in Norway right now regarding Smart Home security. Internet of Things security is poor, as proved multiple times before by researchers, malware and even worms. Are our devices, and private information safe, just because we got a WPA2-PSK enable WIFI network, and strict firewall rules? In this blog post I’d […]

09/10/2017
Case Study: Breaking into the Smartest Smart Houses

Because media wont be able to cover all the technical details, and also I don’t want to engage in responding to comments on different news sites, I thought I’d rather share my methodology here. Hopefully you’ll take the time to read this story on how I tried to hack this smart house, and perhaps pick […]

04/10/2017
Updating the HackRF One’s firmware

Instructions might be a bit unclear on how to ugrade the HackRF’s firmware, so here’s a short step-by-step guide. Download your appropriate HackRF release: https://github.com/mossmann/hackrf/releases/ Extract: tar -xfv hackrf-2017.02.1.tar.xz Open up the folder containing the firmware: cd hackrf-2017.02.1/firmware-bin/ Update the SPI flash: hackrf_spiflash -w hackrf_one_usb.bin Update the CPLD: hackrf_cpldjtag -x hackrf_cpld_default.xsvf Press the reset button and let it […]

23/09/2017
Detecting if Volume Shadow Copies has been explicitly disabled through registry

Ransomware is very fond of disabling Volume Shadow Copies when infecting targets. Here is a script to remotely detect if Volume Shadow Copies has been disabled. First, we use PSExec from Microsoft Sysinternals and a local reg query command. This is useful if you only have a list of IP addresses, not hostnames of the […]

13/05/2017
Mapping attack surface for Ransomware / Cryptolocker

With all the ransomware hitting everyone, everywhere, I decided to share my scripts on how I map the attack surface of internal threats, and subsequently ransomware / cryptolocker. It is not fully automated yet, but hopefully sharing this will give people the right ideas, and perhaps some might even automate it. For now, this only […]

13/05/2017