Hacker/Infosec Con Types & Getting More Out Of Hacker/Infosec Conferences |
(Posted 04/05/2019) |
A Digital Handbook for the Recently Deceased |
(Posted 06/14/2018) |
DerbyCon 2014 Higher Education Panel for Hackers Irongeek’s Thoughts |
(Posted 11/22/2014) |
Critically Plagiarizing?: Ideas On Spotting Plagiarism |
(Posted 12/02/2013) |
Unicode
Security Notes Page |
(Posted 09/18/2013) |
Security and Software Defined Networking: Practical Possibilities and Potential
Pitfalls
This is a short paper I wrote for class involving SDN (OpenFlow specifically) and
it's potential ramifications in the infosec world. |
(Posted 12/16/2012) |
Raspberry Pi Recipes
On this page I'll be posting little security ideas for the Raspberry Pi. |
(Posted 06/28/2012) |
Running an I2P Svartkast on the Raspberry Pi: Even more cheap hardware to leave
on someone else's network
This is sort of a sequel to a previous article I wrote titled "Running an I2P
Svartkast on the Raspberry Pi: Even more cheap hardware to leave on someone
else's network". In that article I answer the obvious question of what the hell
a Svartkast is, as well as show how to make one out of a Raspberry Pi. |
(Posted 06/21/2012) |
Out of Character: Use of Punycode and Homoglyph Attacks to Obfuscate URLs for
Phishing
This is the paper I was working on in last semester's class. Hope it is helpful. |
(Posted 06/07/2012) |
Proposal for "Out of Character: Use of Punycode and Homoglyph Attacks to
Obfuscate URLs for Phishing" |
(Posted 03/03/2012) |
How I Got Pwned: Lessons in Ghetto Incident Response |
(Posted 02/20/2012) |
Homemade Hardware Keylogger/PHUKD Hybrid |
(Posted 11/02/2011) |
Building a Svartkast with a pretty pink Pogoplug: Cheap hardware to leave on
someone else's network |
(Posted 09/12/2011) |
I2P/Tor Workshop Notes |
(Posted 08/02/2011) |
Building a boot USB, DVD or CD based on Windows 7 with WinBuilder and Win7PE SE
Tutorial
Makes a nice companion to Backtrack. |
(Posted 07/01/2011) |
Links for Doxing, Personal OSInt, Profiling, Footprinting, Cyberstalking
A general collection of resources that can help you profile someone before a
pentest. If you have more high quality, low noise resources, please contact me.
I'd eventually like to add some of the links to the
Pentest Standard. |
(Posted 04/28/2011) |
Crude, Inconsistent Threat: Understanding Anonymous
Just a little something to help explain Anonymous to the media and other
organizations. I'm working on a presentation for the
Central Ohio Infosec Summit. |
(Posted 03/28/2011) |
Economics of Information Security Paper Reviews and Notes
These are my write-ups and notes for the papers I've been reading in the
"Economics of Information Security" class I'm enrolled in. I'm guessing most of
my readers won't get much out of them unless they have read, or plan to read,
the same papers. |
(Posted 03/02/2011) |
Plug and Prey: Malicious USB Devices
A little paper I wrote for my masters in
security informatics, and presented at
Shmoocon 2011. |
(Posted 01/27/2011) |
Darknets and hidden servers:
Identifying the true IP/network identity of I2P service hosts |
(Posted 01/10/2011) |
Privacy
Papers Write-up |
(Posted 12/25/2010) |
Dirty Diffie-Hellman Calculator (Like dirty Santa, but geekier) A little Christmas game I came up with for my local ISSA's holiday get together. It illustrates how the Diffie-Hellman key exchange works, and has a calculator to help with the math. |
(Posted 12/02/2010) |
Network King of the Hill Write-ups
I thought this might be of interest to those of you who like hacker war games,
and want to put on their own event. This contest happened at the
Louisville Infosec 2010. Martin from
Question-Defense
and I are polishing it up and plan to run the same sort of
NetKotH event at Hack3rcon. |
(Posted 10/10/2010) |
Identifying the true IP/Network identity of I2P service hosts
This is my project proposal for the "Advanced Topics in Privacy" class I'm in.
Please share with me your thoughts and ideas. Or at the very least, try out I2P
and see how you can use it alongside Tor. |
(Posted 10/08/2010) |
Locking down Windows Vista and Windows 7 against Malicious USB devices |
(Posted 07/02/2010) |
Steganographic Command and Control: Building a communication channel that
withstands hostile scrutiny |
(Posted 05/09/2010) |
Programmable HID USB Keystroke Dongle: Using the Teensy as a pen-testing device |
(Posted 03/23/2010) |
XSS, SQL Injection and Fuzzing Barcode Cheat Sheet |
(Posted 01/28/2010) |
Tracking users, malware and data leaks via the USB serial numbers on flash
drives, smart phones and MP3 players |
(Posted 01/05/2010) |
Ethics of full disclosure concerning security vulnerabilities |
(Posted 12/24/2009) |
Ethical Analysis of Network Neutrality |
(Posted 12/22/2009) |
Fear and
loathing at the Riviera: A noobs guide to Defcon |
(Posted 08/18/2009) |
Forensically interesting spots in the Windows 7, Vista and XP file system and
registry |
(Posted 08/13/2009) |
DD-WRT
v24-sp1: CSRF Example (Bugtraq ID: 35742 ) |
(Posted 07/05/2009) |
Windows 7: Copy A Modified User Profile Over The Default Profile |
(Posted 07/17/2009) |
Using
Kon-Boot from a USB Flash Drive: Bypass those pesky Windows and Linux login
passwords completely Using Kon-Boot from a USB Flash Drive: Bypass those pesky
Windows and Linux login passwords completely |
(Posted 07/08/2009) |
PHPIDS Install Notes and Test Page |
(Posted 07/07/2009) |
XSS, Command and SQL Injection vectors: Beyond the Form |
(Posted 06/03/2009) |
Obfuscated 4chan.gif/Invasion.gif/SYS.JSE Decoded |
(Posted 02/13/2009) |
1337 in the Library: Obtaining your information security education on the cheap |
(Posted 01/17/2009) |
Hacker
Con WiFi Hijinx: Protecting Yourself On Potentially Hostile Networks Hand Out |
(Posted 12/29/2008) |
Deliberately Insecure Web Applications For Learning Web App Security |
(Posted 12/22/2008) |
A Review of
"Building Secure Products and Solutions"
|
(Posted 06/04/2008) |
Getting Ubuntu Linux to connect to a PPTP Cisco VPN 3000 Concentrator |
(Posted 04/10/2008) |
Hardware Key Logging Part 3: A Review Of The KeyLlama USB and PS/2 Keyloggers |
(Posted 03/04/2008) |
State
Hacking/Computer Security Laws |
(Posted 12/23/2007) |
File Systems and thumb drives:Choosing between FAT16, FAT32 and NTFS to get a
faster USB Flash Drive |
(Posted 10/06/2007) |
Hacking and Pen-Testing With The Nokia 770/800 Notes |
(Posted 9/22/2007) |
How To Cyberstalk Potential Employers |
(Posted 7/04/2007) |
Building an InfoSec lab, on the cheap |
(Posted 5/23/2007) |
Hardware
Key Logging Part 2:A Review Of Products From KeeLog and KeyGhost |
(Posted 4/26/2007) |
Hardware Key Logging Part 1: An Overview Of USB Hardware Keyloggers, And A
Review Of The KeyCarbon USB Home Mini |
(Posted 3/26/2007) |
ALT+NUMPAD ASCII Key Combos: The α and Ω of Creating Obscure Passwords |
(Posted 3/20/2007) |
How to Change Your MAC Address
(MAC Spoofing)
in Linux and Windows Update |
(Posted 12/27/2006) |
Dual
Booting Slax Linux and BartPE (Windows) from a USB Thumbdrive (UFD) |
(Posted 11/06/2006) |
Review of the
UT-41 GPS, and a little about getting it to work with Kismet in BackTrack Linux |
(Posted 09/20/2006) |
The Joys of Skiddy Baiting |
(Posted 08/27/2006) |
Cracking Windows Vista Beta 2 Local
Passwords (SAM and SYSKEY) |
(Posted 07/24/2006) |
Bluecasing: War Nibbling, Bluetooth
and Petty Theft |
(Posted 06/12/2006) |
Hacker Con Wi-Fi
Hijinx Pamphlet |
(Posted 05/11/2006) |
IPIterator: The IP Iterator. |
(Posted 03/25/2006) |
Irongeek's Wall of Social Science
Majors (inspired by the Wall of Shame/Wall of Sheep Code) |
(Posted 03/01/2006) |
Tony's Ethernet Tap |
(Posted 02/18/2006) |
Caffeinated Computer Crackers:
Coffee and Confidential Computer Communications |
(Posted 02/15/2006) |
Counter WMF
Exploit with the WMF Exploit
I used H D Moore's "Windows XP/2003/Vista Metafile Escape() SetAbortProc Code
Execution" revision 1.12 Metasploit module to create a WMF file that
automatically runs "regsvr32 -u shimgvw.dll" to counter the exploit. Clicking
the link may run code on your computer or crash your browser if you are using IE
so click with caution. More of a fun experiment than anything. |
(Posted 01/03/2006) |
Keymail the KeyLogger:An E-mailing
Key Logger for Windows with C Source. |
(Posted 12/20/2005) |
Hacking Network Printers
(Mostly HP JetDirects, but a little info on the Ricoh Savins) |
(Posted 9/11/2005) |
Finding Rogue SMB File Shares On
Your Network |
(Posted 9/02/2005) |
Information security in campus and
open environments |
(Posted 8/11/2005) |
Wigle-to-Google-Earth Script |
(Posted 7/26/2005) |
LAN of the Dead: Putting
computer zombies back in their grave, Ash style. |
(Posted 7/06/2005) |
Fun with Ettercap Filters |
(Posted 6/13/2005) |
PacketFountain: Network
Sniffing Screensaver |
(Posted 5/03/2005) |
Pen-testing Tools for the Pocket PC |
(Posted 5/03/2005) |
Auditor security collection boot CD
notes (compiled by Douglas Lancaster ) |
(Posted 3/25/2005) |
Cracking Syskey and the SAM on
Windows XP, 2000 and NT 4 using Open Source Tools |
(Posted 3/21/2005) |
Cracking Cached Domain/Active
Directory Passwords on Windows XP/2000/2003 |
(Posted 3/08/2005)) |
Using
Bart's PE Builder to Make an Anti-Spyware and Rescue CD
|
(Posted 2/18/2005) |
A Quick Intro to
Sniffers |
(Posted 2/01/2005) |
Web Buggery: Analyzing Tracking
Images |
(Posted 10/15/2004) |
Practical Guide to Alternative Data Streams
in NTFS |
(Posted 9/28/2004) |
Irongeek's Signature Image |
(Posted 9/16/2004) |
What can you find out from an IP? |
(Updated 9/03/2004) |
Shell
access to a web server using PHP updated and now called
Shoveling a Shell using PHP Insecurities
|
(Posted 8/11/2004) |
Basics of Arpspoofing/Arppoisoning
Update |
(Posted 8/09/2004) |
Compiling Linux Exploit Code and Tools in
Windows using Cygwin |
(Posted 8/02/2004) |
Security and Hacking Plugins for Bart's
PE Builder |
(Posted 7/15/2004) |
Basics of Arpspoofing/Arppoisoning |
(Posted 5/6/2004) |
Linux and Logs, a quick primer by
my buddy Isaac |
(Posted 4/8/2004) |
Pocket PC SSH Client
|
(Posted 4/6/2004) |
Southern Indiana Deviant Computing
Meetings |
(Posted 4/3/2004) |
Find out what devices have been
getting an IP from the DHCP daemon that's running on your Linksys WRT54G Router |
(Posted 4/2/2004) |
How to Change Your MAC Address
in Linux and Windows |
(Posted 3/23/2004) |
Irongeek's JetDirect Hack
Program |
(Posted 3/14/2004) |
HP Printer Display Hack |
(Posted 3/12/2004) |
ADSReaper
for collecting info about Windows boxes using WMI and ADS |
(Posted 3/10/2004) |
Brute force
Windows passwords from across the network |
(Posted
2/26/2004) |
Cracking Windows 2000 And XP Passwords With
Only Physical Access |
(Posted 2/19/2004) |
Shell
access to a web server using PHP |
(Posted 2/12/2004) |
Information Security in Campus and Open Environments |
(Posted 2/11/2004) |
How To Trace Fake or Anonymous E-mails |
Real Old |
What can you find out from an IP? |
Real Old |
PowerPoint Slides from Adrian's Security Lecture |
Real Old |
My Remote TightVNC install files |
Real Old |
DeWormer 0.5 Installer DeWormer is a package that tries to alert an attacking host that they may have a worm on their machine. It does this in two ways, by trying it e-mail the root user and by sending a win popup message to the box. It also logs activity to a web page. |
Real Old |