Virtualization has long been a staple of nearly every enterprise infrastructure. Any admin has either used a hypervisor or at least experimented with one. We’ve already covered how to deploy a virtualization host, so today we’ll focus…
CONTINUE READING 🡒 Category: Security
5 Essential OSINT Tools: Building a Network Reconnaissance Toolkit
OSINT (open-source intelligence) can be incredibly useful, especially during incident investigations. Most people know the theory—what to look for and where—but in practice the data sets are so large that going through them by hand is impossible,…
CONTINUE READING 🡒 
Total Commander Reverse Engineering: Bypassing Protection in All Versions
Total Commander (formerly Windows Commander) is a popular graphical file manager for Windows. You can find plenty of methods to crack it on warez sites. Their perennial downside is how kludgy they are: every time a new…
CONTINUE READING 🡒 
Ghidra vs IDA Pro: What the NSA’s Free Reverse Engineering…
In March 2019, the U.S. National Security Agency (NSA) released a reverse‑engineering toolkit called Ghidra. I’d first come across the name a couple of years earlier in WikiLeaks leaks and was very curious about what the NSA…
CONTINUE READING 🡒 
Gridcoin: Earn Cryptocurrency Rewards for Scientific Computing
While some people mine crypto, others crunch scientific data. Until recently, you had to choose between profit and altruism, since most distributed computing projects don’t offer payouts. Now there’s a third‑party rewards program, and it’s already showing…
CONTINUE READING 🡒 
How to Install VirtualBox on Tails OS and Route VM…
Tails is the best operating system if your goal is to maximize your anonymity online. But it has a few quirks, and one of them is that you can’t properly install VirtualBox using the standard tools. We’ll…
CONTINUE READING 🡒 
DIY USB HID Attack Device: Building and Programming a BadUSB…
USB’s versatility creates a broad attack surface: researchers at Ben-Gurion University have identified nearly three dozen ways to weaponize USB. In this article, we’ll examine one of the most effective approaches—automating keystroke injection using a DIY HID-class…
CONTINUE READING 🡒 
OAuth successors. Attacks targeting OpenID Connect
OpenID Connect is a reenvisioning of the OAuth protocol; it was designed to solve the authentication problem and patch security holes in the original specification by making the standard more stringent and demanding. But people continue making mistakes, and misconfigs resulting in vulnerabilities still occur. This article…
CONTINUE READING 🡒 
Build a Privacy-First Smartphone Without Backdoors—Why It’s Easier Than You…
What does your phone know about you? How securely does it store your data, and who can access it? Fortunately, you can now build and program your own mobile phone in just a few days. That’s exactly…
CONTINUE READING 🡒 
Two Alfa USB Wi‑Fi adapters are better than one: preparing…
In earlier articles on pentesting Wi‑Fi access points, we covered the basics; now it’s time for more advanced techniques. We’ll look at adapter specifics and turn up the power on our dongle. This is necessary to use…
CONTINUE READING 🡒 
Inside Drone Software: How UAVs Are Programmed for Autonomous Flight
Flying a quadcopter is an art in its own right, and writing the software that lets it fly autonomously is just as exciting. In this article, I’ll show how to build a Python program to pilot a…
CONTINUE READING 🡒 
Ansible: Automating System and Application Deployment
Ansible is a tool almost everyone has heard of, but it’s mostly used by system administrators. Developers and researchers typically encounter it when they need to spin up their own servers or deploy an existing configuration. That…
CONTINUE READING 🡒 
How Digital Audio Encoding Works: Sampling, Quantization, Bitrate, and Codecs
Ever wondered how digital devices play back sound? How a stream of ones and zeros becomes an audible signal? If you’ve started reading, you probably have. In this article, you’ll learn how different audio formats came about,…
CONTINUE READING 🡒 
Supercharge Nmap: Advanced Penetration Testing with Firewall Evasion, Dirbusting, DoS…
Nmap is the gold standard among port scanners and one of a pentester’s most important tools. But can you honestly say you’ve mastered all its features and use cases? In this article, you’ll learn how to use…
CONTINUE READING 🡒 
Wardriving Hardware Guide: Building a Wi‑Fi Pentesting Toolkit with USB…
Wardriving—essentially Wi‑Fi traffic capture—always starts with choosing the right hardware. That’s exactly what we’ll do: in a handy Q&A, we’ll break down what devices are out there, which tasks they’re best suited for, and what to pick…
CONTINUE READING 🡒 
Build a Custom, Debloated Windows 10 ISO the Easy Way
Building your own OS distributions is a favorite pastime among Linux enthusiasts. It’s often assumed that Windows users don’t get to enjoy anything similar. Not quite: there are ways to strip unnecessary components from a Windows 10…
CONTINUE READING 🡒 
60+ Gift Ideas for Hackers: Best Geeky Gadgets for Friends…
We’ve rounded up 60+ gadgets, so you’re bound to find something to delight your geeky friends for New Year’s or any other occasion—or (we’ve all been there!) a great way to spend the gift cash from relatives…
CONTINUE READING 🡒 
Unmasking Shingled Magnetic Recording in Western Digital and Seagate HDDs
Until recently, the savvy user—the kind who doesn’t mind spending a few days on forums—knew this as gospel: Seagate’s consumer drives use SMR (shingled magnetic recording), which is bad, and Western Digital’s don’t. Lots of people based…
CONTINUE READING 🡒 
Crypto drainers. New scam empties crypto wallets automatically
Drainers represent a new type of phishing that is currently ravaging the cryptocurrency world. It’s growing at an incredible speed and has already surpassed ransomware in terms of prevalence and stolen funds. This article provides an insight into drainers, their operational principle, and the market that emerged on their…
CONTINUE READING 🡒 
Crypto Mining Made Easy: Automate Your Operations and Optimize Performance
Lately, the mining landscape has changed fundamentally. With around a thousand altcoins now, focusing on a single cryptocurrency has become too risky. Exchange rates and mining difficulty are constantly in flux. Keeping up and manually switching to…
CONTINUE READING 🡒