LATEST ARTICLES

Browser Plugins for Hackers FoxyProxy Add to Chrome Add to FireFox When penetration testing using tools like BurpSuite it is important to change your proxy to point to 127.0.0.1:8080. This also makes browsing the Internet difficult so having a proxy switcher like SwitchyOmega makes...
Hardening ASP.NET Response Headers (Code) A reliable way to harden your ASP.NET web application is to remove and skew the response headers via code. This will throw off automated scans that are performing banner grabbing in an attempt to identify vulnerabilities. There are ways to do this in IIS, however, performing this in code...

PoisonTap

Samy Kamkar's PoisonTap
Samy Kamar a security researcher has developed an IoT device that runs a python script called PoisonTap. This is a great article worth reading. It's affordable and can siphon cookies, expose internal routers and install backdoors.

SSH Tunneling

SSH Tunneling When you need to access a server/client behind a firewall that doesn't allow port forwarding you can use SSH tunneling to bypass that if an SSH server is running. Pivoting is a sneaky technique that hackers use to access computers, servers, and services behind firewalls. These examples will use OpenSSH. I think...
Docker Compose: WORDPRESS_CONFIG_EXTRA The Docker image for WordPress contains a property called "WORDPRESS_CONFIG_EXTRA", this allows code to be passed directly to the wp-config.php file. This is great because you can fully customize your WordPress wp-config.php file. Queryable Variable for Enabling Debug My normal PHP code will not work: