Introduction The Tor network is used by anyone who wants to maintain their online anonymity. There has recently been quite a bit of activity regarding Tor in the media, so I thought it would be helpful to explain a bit about how Tor's peer-to-peer structure is setup, as well as showing how we can create a map of Tor relays and exit nodes. The Basics...

Introduction Disclaimer: I suppose it would be wise to put a disclaimer on this post. Compromising hosts to create a botnet without authorization is illegal, and not encouraged in any way. This post simply aims to show security professionals how attackers could use standard IT automation tools for a purpose in which they were not originally intended....

Introduction In a previous post, I introduced a Twitter bot called dumpmon which monitors paste sites for account dumps, configuration files, and other information. Since then, I've been monitoring the information that is detected. While you can expect a follow-up post with more dumpmon-filled data soon, this post is about how browsers store passwords....

Introduction It's been a while. I suppose finals, projects, etc. will do that. Anyway, I figured it was time to get back to posting content on here as much as possible - and I have some neat projects underway that I'm excited to share soon. For now, I'll continue the previous series covering the IO wargame on smashthestack.org. Analyzing Level 4...

TL;DR I created a Twitter-bot which monitors multiple paste sites for different types of content (account/database dumps, network device configuration files, etc.). You can find it on Twitter and on Github. Introduction Paste-sites such as Pastebin, Pastie, Slexy, and many others offer users (often anonymously) the ability to upload raw text of...

Introduction For years, Backtrack Linux, a penetration testing suite from Offensive Security has been the standard operating system for security testing professionals. However, Offensive Security has just released a new distribution based on Backtrack called Kali Linux which seems to offer quite a few improvements. In a previous post, I showed how...