Irregular Expressions:

August, 2012


August 30, 2012  3:12 PM

Stripe CTF Solutions



Posted by: Dan O'Connor

Just incase you are looking for them, here is the solutions to the CTF game I posted last week. I made it through the first few levels but ran out of time with other...

August 30, 2012  2:58 PM

SQL Injections



Posted by: Dan O'Connor

I have been doing some prep research for some up coming activities and I found an excellent cheat sheet of SQL injection commands. Here; Here is the standards that I usually...


August 29, 2012  7:50 PM

Remote File Inclusions



Posted by: Dan O'Connor

I am currently testing a few php shells that I have against a test php site I created, and I thought I would share some of the basics of a RFI ( Remote File Inclusion ). When I need to deal with web apps this is the second thing I will try right after SQL injection. Here is the


August 28, 2012  11:26 PM

Pen Testing



Posted by: Dan O'Connor
pen testing

I find it strange that physical pen testing and digital seem to have some sort of impenetrable wall between them when I talk with people. I know when doing a pen test you have your scope of what is off limits and how far you are supposed to go. These limits can be business based, maybe on...


August 28, 2012  11:10 PM

Biomimicry



Posted by: Dan O'Connor
Biomimicry, ipv4, ipv6

Biomimicry or biomimetics is the examination of Nature, its models, systems, processes, and elements to emulate or take inspiration from in order to solve human problems. While...


August 28, 2012  1:07 AM

Dropbox update



Posted by: Dan O'Connor
dropbox, dropbox privacy, two factor authentication with cell phones

If you have not noticed they have updated the security section of your dropbox account. You can now enable two factor authentication for your account. Basically it will send a PIN to your mobile device that you append to your password. I am a big fan of this form of two factor authentication. ...


August 26, 2012  10:49 PM

What Is The Gauss Payload?



Posted by: Dan O'Connor
exploits as munitions, Gauss, malware, malware analyzing, malware engineering, Stuxnet, stuxnet source code

If you have not seen this yet, Gauss is something that appears to have come out of the same labs or workshop as Flame and Stuxnet. This specifically seems to be targeted against the financial industry in the middle east. Here is a Guardian article with some excellent information;


August 26, 2012  10:31 PM

“I can tell you that as a commander in Afghanistan in the year 2010, I was able to use my cyber operations against my adversary with great impact,”



Posted by: Dan O'Connor
cyber, cyber army, cyber attack, cyber war, cyberwar, exploit, exploits as munitions

Very open comment about the cyber capabilities possessed by the US military. Here is the article I found, http://www.khou.com/news/world/167334595.html You can watch his speech right...


August 23, 2012  12:14 AM

New CTF Game



Posted by: Dan O'Connor
games, hacking, hacking challenges, hacking ctf games, hacking games

Hurry you have one week from today, so next Wednesday the 29th. https://stripe.com/blog/capture-the-flag-20 I'll let you all know how I do!


August 21, 2012  12:35 AM

Paypai.com



Posted by: Dan O'Connor
backdoor, malware, malware analyzing, malware engineering, remnux, trojan

I picked up another similar listener to the Groupon one the other day. This again is an attached ZIP file with an exe inside. It says its from paypai.com depending on your font the i will look like a L. The exe looks like it has been reused but I don't see any mention of it's original file...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: