Published inInfoSec Write-upsFuzzing FastCGI : An OdysseyThis is the very long tale of my adventures in fuzzing FastCGI with AFL-Fuzz. If you’re interested in fuzzing a FastCGI binary, look no…Jul 1, 2020Jul 1, 2020
My Weirdest Bug Bounty — Getting PII from O365.TLDR; My boss quit. I registered a domain and found the weirdest vulnerability in my entire career.Mar 14, 20203Mar 14, 20203
How to create a Bitcoin Casino in 5 minutes.The bear market is almost over!Feb 23, 20192Feb 23, 20192
How to create a Bitcoin Exchange in 5 minutes.The bear market is almost over!Feb 23, 2019Feb 23, 2019
How to set up a Tor Exit Node & sniff traffic.I decided to run my own Tor Exit node as a cheap way to add value to humanity. As always, I decided to have some fun with it. This is for…Apr 8, 20182Apr 8, 20182
How to set up your C2 on Tor.Setting up your Command & Control server on Tor is as easy as 1,2,3 and takes less than 5 minutes. This is totally for educational purposes…Jan 11, 20181Jan 11, 20181
How to start hacking the Deep Web.Hacking Deep Web sites is a blast. It really brings me back to my OSCP training days. Every site is horribly written and full of…Jul 19, 2017Jul 19, 2017
Phishing: The Good, the Bad and the Ugly.With the latest GMail OAuth Phishing Attack, someone out there has millions of active email addresses that they will most likely sell…May 10, 20171May 10, 20171
Uncovering an Iranian Phishing Attack.There has been a recent wave of phishing attacks hitting Silicon Valley lately, these attacks have been very effective at spreading and…Jan 22, 2017Jan 22, 2017