5 Aug 2017
Cracking NTLMv2 Hashes With A 1080Ti Graphics Card & Kali
As far as I’m aware it’s not possible to use the power of your graphics card inside VMware Player or VitualBox. Given GPUs are so much quicker at performing that type of computing I installed Kali on a
16 Jul 2017
Steel Con 2017
This was my first trip to Steelcon, I traveled up to Sheffield on the Thursday evening ready for an early start the next day for the workshops that I’d signed up for. After hearing lots of good stuff
15 May 2017
Hack Like A God
After loving the previous book by Sparc FLOW I had to buy his new book “How To Hack Like A God” (also known as “How to Hack A Fashion Brand”). I wasn’t sure how much of the
15 May 2017
Digispark USB Development Board
The technical description of the Digispark is that is an Attiny85 based microcontroller development board similar to the Adruino boards but cheaper, smaller and slightly less powerful. The less technical description is that it’s a small USB device that you can
30 Apr 2017
Pi Zero W & Kali
The Raspberry Pi Zero W can be bought for under £10 which is amazing value for the computing power it possesses. It’s also the smallest of the various models of Raspberry Pi’s which make it great for
10 Apr 2017
How secure is Wonga.com?
Over the weekend money lender Wonga.com announced it has suffered a large data breach that could affect up to 270,000 UK customers. The data stolen includes personal information such as names, addresses, phone numbers and bank details
8 Apr 2017
Passwords In PHP Code
You could have a site/app that scores A+ on SSL checker, have the best http security headers, use the best WAF and have full marks from an external penetration test but there are a few things that could still come
5 Apr 2017
Step by step process for breaking into a Bank
After hearing about a new book titled “How to Hack Like a PORNSTAR: A step by step process for breaking into a BANK” on twitter recently I ordered myself a copy at the weekend and read it
1 Apr 2017
Dump Linux desktop password – mimipenguin
The user huntergrgal on GitHub has today posted a shell script that will dump the login password for the current Linux desktop user. It takes advantage of the cleartext credentials in memory by dumping the process and extracting lines that have a
30 Mar 2017
SQLi Dumper – SQL Injection for anyone
Recently I’ve seen quite a few SQL injection attempts originating from an application called SQLi Dumper. The web applications being attacked were not susceptible to SQL injection and are behind my favourite web application firewall (Incapsula) which