Events Related

  • Shmoocon 2016 –
    ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and open discussions of critical infosec issues.


  • Routerhunter-2.0 –
    Testing vulnerabilities in devices and routers connected to the Internet.
  • Burp Suite Extension: Burp Importer –
    Burp Importer is a Burp Suite extension written in python which allows users to connect to a list of web servers and populate the sitemap with successful connections. Burp Importer also has the ability to parse Nessus (.nessus), Nmap (.gnmap), or a text file for potential web connections.
  • gophish –
    Open-Source Phishing Toolkit


  • HackStory –
    Advanced Threat’s Stories
  • Exploiting the Diffie-Hellman bug in socat –
    More background information on this vulnerability can be found on Ars Technica and Hacker News, in this post I want to focus on building an exploit.
  • Push To Hack: Reverse engineering an IP camera –
    The Motorola Focus 73 outdoor security camera is packed with features and quite a few surprises – it’s not made by Motorola for starters. It’s the outdoor variant of a family of Blink and Motorola IP cameras manufactured by Binatone which includes baby monitors.
  • Bypassing Rolling Code Systems –
    This blog post will discuss the implementation of Codegrabbing / RollJam, just one method of attacking AM/OOK systems that implement rolling codes (such as keeloq) — these systems are commonly found on modern vehicles and entry systems such as gates and garages.

Vendor/Software Patches


  • There’s a lot of vulnerable OS X applications out there. –
    This short weekend research revealed that we have many insecure applications in the wild. As a result, I have found a vulnerability which allows an attacker take control of another computer on the same network (via MITM).
  • In A UEFI World, “rm -rf /” Can Brick Your System –
    As a public service announcement, recursively removing all of your files from / is no longer recommended. On UEFI distributions by default where EFI variables are accessible via /sys, this can now mean trashing your UEFI implementation.
  • Socat Warns Weak Prime Number Could Mean It’s Backdoored –
    Socat is a versatile command line utility that builds bi-directional communication streams and moves data between channels, including files, network pipes, serial connected devices, sockets or a combination of any of these.
  • PayPal Remote Code Execution –
    In December 2015, I found a critical vulnerability in one of PayPal business websites ( It allowed me to execute arbitrary shell commands on PayPal web servers via unsafe Java object deserialization and to access production databases.

Other News

  • Norse Corp disappears shortly after CEO is asked to step down –
    On Saturday, investigative journalist Brian Krebs, citing sources familiar with the situation, said that Norse Corp CEO, Sam Glines, was asked to step down by the board of directors. The same sources told Krebs that employees were told that they could report to work on Monday, but that there was no guarantee they’d be paid for their work.
  • Hackers leak DHS staff directory, claim DOJ is next –
    On Sunday, an account on Twitter posted a Department of Homeland Security staff directory with 9,355 names. Shortly after the DHS data was posted, the account went on to claim that an additional data dump focused on 20,000 FBI employees was next.