When two-factor isn’t enough.

There has been a massive push to encourage users to enable two-factor authentication on their accounts. From in-game rewards to membership discounts two-factor has been strongly encouraged by a number of companies to provide greater security to users, but could this lull users into a false sense of security? As two-factor usage has grown more…

Getting Started with Splunk

Splunk Blog Post Header Image

With the growth of technology into every aspect of our lives, the amount of data being reported back has grown with it. The sheer volume of data means that manually sifting through the data is impossible within a reasonable time frame. Splunk is software whose aim is to sort through this data and highlight any interesting…

Cracking WEP Encryption

WEP Decryption Header

Recently I was tasked with cracking the WEP Encryption of a sample capture generated using Wireshark. With a sample capture provided this didn’t take long and thought I’d do a quick tutorial on how I did it. NOTE: A warning is usually appended to any article concerning the capture of packets on a network and…

Reconstructing a Transmitted File

Finding a JPEG Signature within Hex Fiend

Previously I’ve blogged about taking initial steps using Wireshark to inspect data within a network to see what data might be leaking on a network. If there does happen to be unencrypted information being transmitted on a network you may want to see exactly what that data is in order to know how important the…

Diving into Wireshark

Wireshark Header Image

Public wifi networks are now so prevalent that they have become relied upon by people for a high percentage of their data usage. With the amount of data now consumed on peoples mobiles and the sometimes stingy data packages offered by carriers; public wifi is sometimes used as a the main internet connection on a…

The Endorser by eth0izzle

Example of The Endorser Output

A common trope is that there are only six degrees of separation between all people on the planet. While this may or may not be true; the endorser by eth0izzle is an Open-Source intelligence tool that can help you use the connections between people to find ever more promising potential targets. The endorser uses LinkedIn…

Initial Steps with Nmap

Browsing through the many tools a good pen tester needs, nearly all other tools refer to Nmap. This isn’t surprising as at its core; Nmap is primarily about finding intelligence on a target, such as what services and ports are running and how aggressive the firewall protecting it, if any, may be. While on the…