[security.pimp]

..technology..security..information..freedom..

  • Craft.HTB

    Craft.HTB

    Walk-Thru for Craft.HTB   This is a detailed walk-thru for craft.htb written by dR1PPy Overall the host has been graded with a fair rating. The path to user is not simple, but there are not a lot of rabbit holes to find yourself trapped in. The path to root was fairly easy if you can […]

    Da:JAM

    2020/01/14
    How To’s, htb
  • SwagShop.HTB

    SwagShop.HTB

    Walkthru for SwagShop This is a detailed walk-thru for SwapShop written by dR1PPy Challenges like the one posed by SwagShop are some of my favorite. The ones that require a good combination of skills with toolsets along with skills with chaining exploits. Overall a fun box to beat up on much thanks to ch4p for […]

    Da:JAM

    2019/12/12
    Uncategorized
  • Death by Heartbleed

    With all the news of the Heartbleed SSL flaw in the media this week IT staff have been working to lock things down on servers & services. Here are 3 Simple ways to Identify if a domain is vulnerable to a Heartbleed Method 1 From any host running Chrome Web Browser search for and install the […]

    Da:JAM

    2014/04/09
    Uncategorized
    heartbleed CVE-2014-0160 openssl SSL
  • The Logic behind Password Hashing

    This is a mirror of a post originally found here:  http://security.stackexchange.com/questions/211/how-to-securely-hash-passwords/31846#31846 The Theory We need to hash passwords as a second line of defence. A server which can authenticate users necessarily contains, somewhere in its entrails, some data which can be used to validate a password. A very simple system would just store the passwords themselves, and […]

    Da:JAM

    2014/01/29
    Encryption, Information Security
    hash, password protection, salt, scrypt, sha-256
  • Trolling the Red Team (Part 1)

    Hey looks its a Red Team! Here they come with a few hours of work & a report that will hopefully provide more valuable information than “Here is what Nessus Found”. A simple way to test any Red Team’s worth is with a good trolling and disinformation effort once the engagement is underway.  Good testers […]

    Da:JAM

    2014/01/27
    Uncategorized
  • Making BitCoin with Bots

    In this article we will cover how to quickly setup a trading bot for crypto-currencies. As the difficulty for BTC continues to rise the profit in mining coins continues to drop. A good method to make up those losses is with a trading bot which will work to increase your profit margin by making the […]

    Da:JAM

    2013/12/10
    bitcoin, bots, BTC, Digital Freedoms, gekko, How To’s, Linux, node.js, Proof of Concept, turnkey, Uncategorized
  • Blind Zerg Rush for Security

    While reviewing some old publications I came across this great article that was written just weeks after the 9/11 tragedy in NY. Based on recent events disclosed around the PRISM program and US Government actions against privacy in general the article seems to be very scary with it’s foreshadowing. Here is an excerpt taken from […]

    Da:JAM

    2013/07/12
    Digital Freedoms, Information Security, Security Disclosures, Uncategorized
  • From $40k to Free – The Carberp source leak

    Very interesting source code leak today for the Carberp malware family. This black market malware once being offered for $40k will surely be of interest to anyone who conducts malware & botnet analysis. The leak included a few other tools that helped make it so successful like the bootloader, MC obfuscate, along with various functions […]

    Da:JAM

    2013/06/25
    How To’s, Information Security, Proof of Concept, Uncategorized
  • Backbox Linux: MSF DB Setup

    This article will just provide some quick steps to get Backbox Linux ready with a DB for Metasploit to use. To learn more about any of the framework commands shown below try running them with a ‘-h’ switch to see the help. First start postgresql sudo service postgresql start Then login as the DBA and […]

    Da:JAM

    2013/05/01
    Uncategorized
    metasploit backbox linux msfconsole pentesting penetration nmap
  • How to UN-n00B: Nitko

    Sometimes it really fun to watch people stumble about. Watching the drunk bloke leave the local pub after way to many. Seeing as he stumbles about in his drunken dance trying to stay on his feet. Just before he hits the curb loses his footing and tumbles on his back into the middle of the […]

    Da:JAM

    2012/11/06
    How To’s
    hacking un-n00b unn00b nikto web pentest
←Previous Page
1 2 3 4 … 10
Next Page→

Blog at WordPress.com.

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy
 

Loading Comments...
 

    • Follow Following
      • [security.pimp]
      • Join 27 other followers
      • Already have a WordPress.com account? Log in now.
      • [security.pimp]
      • Edit Site
      • Follow Following
      • Sign up
      • Log in
      • Report this content
      • View site in Reader
      • Manage subscriptions
      • Collapse this bar