So here is my write up for the vulnhub challenge “Proteus” which can be downloaded from: https://www.vulnhub.com/entry/proteus-1,193/ This interested me as there is no walkthrough as it was released two days ago, and was a straight forward boot to root. Nice … Continue reading
So here is my write up for the vulnhub challenge “Billu: b0x” which can be downloaded from: https://www.vulnhub.com/entry/billu-b0x,188/ This interested me as there is no walkthrough for me to cheat (as I have a tendency to) and it is a “medium … Continue reading
What is an "Apache Jail" and why would I want it? Taken from first result in google: "A chroot jail is a way to isolate a process and its children from the rest of the system. It should only be … Continue reading
It’s no secret that I’m a fan of old-school ASCII rouguelikes, I run a UnNethack server – guis.es. Being on the android binge that I’m currently enjoying I decided to have a play with one of these from the play … Continue reading
What is Iodine? Basically it’s a server that allows you to tunnel traffic through DNS Why would I want this? There are multiple uses for this, the ones that come to mind are: – Get free internet from paid wifi … Continue reading
Another short blog. Best be getting used to these by the looks of things. So again.. lying in bed and I decide to install another game to see how it works. I got a game called “Homeless?” It’s one of … Continue reading
So this is just going to be another short blog post. I was lying in bed playing one of my favourite games “SFCave”. I love it and have been playing for years. However there are some levels that I have … Continue reading
This is going to be a very short post. I wanted to play with some android apps and while roaming the play store came across a small app named “UnHackable” which only has a couple of hundred downloads. “Perfect” I thought, … Continue reading
I had the hypothesis that android IRC clients didn’t store credentials securely. Lets investigate… To decide what to look into I simply searched for “IRC” on the play store. The idea was to test as many as possible. I ended … Continue reading
This is not going to be the usual methodology (identification, assessment, exploitation, analysis) but more how I currently get from receiving a “scope of works” to the final report. Hopefully this will be useful to someone not yet in the … Continue reading
So recently I landed my dream job, recently being about 2 months ago. “What is this job I hear you ask?” well I’m still a security consultant / penetration tester, but this is a work from home job. Very little … Continue reading
I don’t know about you, but I use a lot of programs and scripts that require using the command line. Mostly this is for security applications. However I have recently discovered “zenity” and wow! from wikipedia: “Zenity is free software … Continue reading
I have recently taken a job, so sorry the “services” are no longer available and I will update that page ASAP. Of course I will continue to blog and am still hopeful to break into the security industry. However – … Continue reading
As a computer security person mostly, the other side of security is often overlooked by me (and probably others) this is just a small document to outline some physical risks for a company and things you should be awear of … Continue reading