The two quotes above were my inspiration for writing this article, along with the fact that people keep asking me, “How do I get started in security?” Well, if you’re asking for career advice, I’m not your man, but on the learning side of things I think I have a few tips I can give you.
XSS, Command and SQL Injection vectors: Beyond the Form
Active Directory
Not to beat a dead horse, but what about all of the fields you can fill out on an Active Directory or LDAP object? Now that I think about it, maybe it’s time for me to update my ADS Reaper tool.
Application Names and Metadata
Got an asset tracker that lists the software installed …
Obfuscated 4chan.gif/Invasion.gif/SYS.JSE Decoded and Removal
t of encoding it was using, and folks pointed me to the post at the SANS Internet Storm Center:
But that had few details on how the encoding was done. Byte_Bucket from Pauldotcom pointed me at a tool called “Windows Script Encoder” from Microsoft that seems to be what was used. After doing some checking, the encoded part of the JSE starts with #@~^, which is also what the MS tool creates.
Programmable HID USB Keystroke Dongle: Using the Teensy as a pen testing device
Introduction
While I was at Shmoocon 2010, I was given a Phantom Keystroker. It’s a neat little USB dongle which looks like a thumbdrive that you could surreptitiously install in the back of someone’s computer.