5 Aug 2017

Cracking NTLMv2 Hashes With A 1080Ti Graphics Card & Kali

As far as I’m aware it’s not possible to use the power of your graphics card inside VMware Player or VirtualBox. Given GPUs are so much quicker at performing that type of computing I installed Kali on a
16 Jul 2017

Steel Con 2017

This was my first trip to Steelcon. I traveled up to Sheffield on the Thursday evening ready for an early start the next day for the workshops that I’d signed up for. After hearing lots of good stuff
15 May 2017

Hack Like A God

After loving the previous book by Sparc FLOW I had to buy his new book “How To Hack Like A God” (also known as “How to Hack A Fashion Brand”). I wasn’t sure how much of the
15 May 2017

Digispark USB Development Board

The technical description of the Digispark is that it is an ATtiny85-based microcontroller development board similar to the Arduino boards but cheaper, smaller and slightly less powerful. The less technical description is that it’s a small USB device that you can
30 Apr 2017

Pi Zero W & Kali

The Raspberry Pi Zero W can be bought for under £10, which is amazing value for the computing power it possesses. It’s also the smallest of the various models of Raspberry Pi, which makes it great for
10 Apr 2017

How secure is Wonga.com?

Over the weekend money lender Wonga.com announced it has suffered a large data breach that could affect up to 270,000 UK customers. The data stolen includes personal information such as names, addresses, phone numbers and bank details
8 Apr 2017

Passwords In PHP Code

You could have a site/app that scores A+ on an SSL checker, has the best HTTP security headers, uses the best WAF and has full marks from an external penetration test, but there are a few things that could still come
5 Apr 2017

Step by step process for breaking into a Bank

After hearing about a new book titled “How to Hack Like a PORNSTAR: A step by step process for breaking into a BANK” on Twitter recently, I ordered myself a copy at the weekend and read it
1 Apr 2017

Dump Linux desktop password – mimipenguin

The user huntergrgal on GitHub has today posted a shell script that will dump the login password for the current Linux desktop user. It takes advantage of the cleartext credentials in memory by dumping the process and extracting lines that have a
30 Mar 2017

SQLi Dumper – SQL Injection for anyone

Recently I’ve seen quite a few SQL injection attempts originating from an application called SQLi Dumper. The web applications being attacked were not susceptible to SQL injection and are behind my favourite web application firewall (Incapsula) which