
blog.0x3a.com
0x3a - Security Specialist and programmer by trade
I'm a guy with a blog, and I write entries sometimes (years apart in some cases...)
http://blog.0x3a.com/
TODAY'S RATING
>1,000,000
HIGHEST TRAFFIC ON
Wednesday
LOAD TIME
1.7 seconds
PAGES IN
THIS WEBSITE
20
SSL
EXTERNAL LINKS
29
SITE IP
66.6.44.4
LOAD TIME
1.738 sec
SCORE
6.2
0x3a - Security Specialist and programmer by trade | blog.0x3a.com Reviews
https://blog.0x3a.com
I'm a guy with a blog, and I write entries sometimes (years apart in some cases...)
0x3a - Security Specialist and programmer by trade
http://blog.0x3a.com/tagged/microsoft
April 30, 2015. Analysis of a MICROSOFT WORD INTRUDER sample: execution, check-in and payload delivery. I added a download link to the memory dump of the machine I used in this article for others to learn from and play around with volatility. On April 1st FireEye released a report on “MWI” and “MWISTAT” which is a sort of exploit kit for Word Documents if you will: A New Word Document Exploit Kit. If you would like to do the same analysis just grab the sample from Malwr which has been made downloadable...
0x3a - Security Specialist and programmer by trade
http://blog.0x3a.com/tagged/antivirus
November 30, 2015. Inside Braviax/FakeRean: An analysis and history of a FakeAV family. Since September 2014 I’ve been seeing a FakeAV family pop up from time to time. This family is known under two names, Braviax and FakeRean. The family has been active for quite some years, it was first spotted by S! For sharing some historical data on this group. As said, back in September 2014 this new variant became active. After seeing it pass by multiple times I decided to look into it a bit. At some point...Websi...
0x3a - Security Specialist and programmer by trade
http://blog.0x3a.com/tagged/referer
May 7, 2015. Angler exploit kit using tricks to avoid referrer chain leading back to malvertisement provider. Initial infection chain for Angler. Angler is currently using a method that allows them to break the referer chain. Breaking this chain makes it hard to track down the malicious advertisement associated with them. As an example here is a malvertising case involving Angler, the advertiser was about 5 layers down in the chain. The following screenshot is from the Fiddler session:.
0x3a - Security Specialist and programmer by trade - Angler exploit kit using tricks to avoid referrer chain leading back to malvertisement provider
http://blog.0x3a.com/post/118366451134/angler-exploit-kit-using-tricks-to-avoid-referrer
May 7, 2015. Angler exploit kit using tricks to avoid referrer chain leading back to malvertisement provider. Initial infection chain for Angler. Angler is currently using a method that allows them to break the referer chain. Breaking this chain makes it hard to track down the malicious advertisement associated with them. As an example here is a malvertising case involving Angler, the advertiser was about 5 layers down in the chain. The following screenshot is from the Fiddler session:. The script is heav...
0x3a - Security Specialist and programmer by trade
http://blog.0x3a.com/post/2516714194/piracy-is-bad-it-cripples-user-experience
December 29, 2010. Piracy is bad, it cripples user experience! URL: https://tmblr.co/ZNK8wx2M0WBI. Reblogged this from 0x3a. Blog comments powered by Disqus. RSS feed: http://blog.0x3a.com/rss. Theme is The Atlantic.
TOTAL PAGES IN THIS WEBSITE
20
August | 2016 | DiabloHorn
https://diablohorn.com/2016/08
Attempting to understand security. Stay updated via RSS. Follow DiabloHorn on WordPress.com. Python raw sockets sniffing and pcap saving. Win10 secure boot inside vmware fusion. Meterpreter, registry and unicode quirk work around. [Python] Poor man’s forensics. Idea: Abusing Google DLP for NSA-style content searching. IT Solutions Knowledge Base. Security on the edge. Archive for August, 2016. [Python] Poor man’s forensics. Posted: August 14, 2016 in general. Sudo mac-robber mnt/ head. Class host start time.
April | 2014 | DiabloHorn
https://diablohorn.com/2014/04
Archive for April, 2014. Quick POC to mitm RDP ssl. Posted: April 21, 2014 in general. So the other day I stumbled upon this. As usual....
Ceterum censeo Moscow esse delendam
http://blog.mykola.org/post/117797102563/0x3a-piracy-is-bad-it-cripples-user
Ceterum censeo Moscow esse delendam. Ask, and I will answer honestly. April 30, 2015. Piracy is bad, it cripples user experience! URL: http://blog.mykola.org/post/117797102563/0x3a-piracy-is-bad-it-cripples-user. Reblogged this from 0x3a. Blog comments powered by Disqus. RSS feed: http://blog.mykola.org/rss. Theme is The Atlantic.
PowerShell overview and introduction | DiabloHorn
https://diablohorn.com/2016/02/06/powershell-overview-and-introduction
PowerShell overview and introduction. Posted: February 6, 2016 in general. What is PowerShell and why would you use it? One of the reasons ...
November | 2016 | DiabloHorn
https://diablohorn.com/2016/11
Archive for November, 2016. Win10 secure boot inside vmware fusion. Posted: November 5, 2016 in general. Avoid a secondary dedicated laptop.
March | 2015 | DiabloHorn
https://diablohorn.com/2015/03
Archive for March, 2015. Posted: March 28, 2015 in midnight thoughts. Now if you are curious how this works and how you could set this up i...
December | 2014 | DiabloHorn
https://diablohorn.com/2014/12
Archive for December, 2014. Parsing the hiberfil.sys, searching for slack space. Posted: December 10, 2014 in general. The hibernation file...
February | 2014 | DiabloHorn
https://diablohorn.com/2014/02
Archive for February, 2014. [QP] Stop video recording your command line, I want to grep it! Posted: February 27, 2014 in MemoToSelf. Http:/ ...
Utku Şen Personal Blog
http://www.utkusen.com/blog
Computer security, programming. Black Hat, Defcon and My Pwnie Awards Nomination. As a team, we attended the Black Hat USA and Defcon conferences held in Las Vegas at the beginning of August. For me, the most exciting part of this trip was the Pwnie Awards nomination, so I want to start there first. A Review of the Hack Scenes in Mr Robot Season 1. If you think I have given incorrect information in the post, you can correct me in a comment. I will edit the relevant part. As a last semester student of Computer Engineerin...
TOTAL LINKS TO THIS WEBSITE
29
0x10 - Security, sysadmin and stuff
0x10 - Security, sysadmin and stuff. Random little projects etc. Thursday, 27 March 2014. When long tail meets viral. Well, not really viral, just busier than expected. Here is a screenshot showing all time traffic stats for this blog. Post has become the most popular post on this blog by far. Huh. Links to this post. Friday, 1 November 2013. Dirty, dirty devops. No this isn't an opinionated rant about devops culture or anything. It's just a hacky knife plugin that lets me play with Sensu quickly. System(...
Black Flag
Thoughts, stories and ideas. Page 1 of 4. Older Posts →. Hands-on with C.H.I.P and PocketChip. After more than 6 months of waiting for shipping, from my friend in France, Hanoi, Saigon. Pockechip and C.H.I. ». Semver: Escape from (dependency) hell - P2. In the first part of the article, I covered dependency hell, semver and a few simple definitions of version range. Next, ». Semver: Escape from (dependency) hell - P1. [Design Pattern] Behavioral Patterns - Observer. Getting familiar with IoT Security. Extracting ...
0x1fff
Howto build deb package with Perl module (Lingua::Identify). What is Lingua::Identify? Is Perl module used for text language identification - remember that language identification is not 100% accurate. Why use Lingua::Identify? Here is list of most important (for me) features of this module. It's free and it's open-source;. It has unicode support in standard;. It's a module, which means you can easily write your own application. It supports big inputs. How to create deb package of Lingua::Identify? Ostat...
hackerspace Ghent
Lets not lose focus. ;). The FOURTH installment of our annual hackerspace conference called Newline. Is on the 28th and 29th of March. Mar 7th, 2014. Loudspeaker building @ 0x20 :3. Dec 11th, 2013. I would like to donate these computers to help you! Dec 3rd, 2013. Hackerspacing in Europe: WhiteSpace in Gent. Dec 2nd, 2013. Dry ice and hot water. Nov 29th, 2013. Nov 29th, 2013.
Trung's corner
The foot of Tà Cú mountain - Bình Thuận. A LIFE ON FACEBOOK. Sometimes, it’s OK not to change :). Pepsi vs. Coke in the branding department is astounding in this visual. What I see in Pepsi is a company that massively struggles to find its voice and its identity. Clearly their original logo was a mimic of Coke’s (since it was done three years later.) Disclaimer: I’m a Coke girl, 100%. Maybe the strong identity is a subliminal influence… I do feel pretty confident about it! The art of good logo design. Vợ chồng A Phủ.
0x3a - Security Specialist and programmer by trade
June 1, 2015. Unusual njRat campaign originating from Saudi Arabia using FakeAV tactics. While investigating an unrelated threat I ran into a rather interesting njRat campaign. It started with a website that was compromised and being abused as a 3rd layer C2 communication proxy. It seems those guys weren’t the only ones using it. When visiting the websites’ main page I was greeted with an alert pop-up:. URL: http://tmblr.co/ZNK8wx1m9ptpY. May 7, 2015. Initial infection chain for Angler. April 30, 2015.
blog.0x40.ch
News from around the world. New attacks on DH encryption. Not the algorithm itself, but its implementation in numerous servers, client applications …. Streaming service: Netflix brings a better interface for browser users. The first Netflix users have already received the streaming service's new interface when they…. Giveaway: equinux tizi Turbolader 3x MEGA. A little more than two weeks ago I had the tizi Turbolader 3x MEGA, a USB charger for the Ziga….
0x557
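February 14, 2015. Property tax rates differ from state to state; the lowest is Louisiana at 0.18%, the highest is New Je […]. October 24, 2014. October 15, 2014. July 24, 2014. July 23, 2014. July 19, 2014. July 16, 2014. If this were a microblog post, such a big topic would really need only one sentence: a subsidiary of Digital Entertainment Co., Ltd. made a big-money acquisition attempt that failed; the perfect jailbreak of ios 7 has actually already […]. January 3, 2014. August 6, 2013. June 29, 2013.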
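0X55AA's Blog
Posted on August 14, 2015. Each column of data is separated by ’ t’, and each row by ’ r’. The exported excel file has the extension ’.xls’. Posted on July 25, 2015. Method: go to about:config, right-click and create a new integer key accessibility.tabfocus, enter the value 7, and that's it. I don't know why only mac lacks this feature. 1 is text edit boxes, 2 is form controls other than text edit boxes, 3 is a tags and img tags; other values are sums of combinations of the above. Posted on July 18, 2015. Mainly used two commands: vacuum full tablename; frees table space. VACUUM ANALYZE search history; optimizes sql execution based on statistics. Posted on July 9, 2015. When configuring the backend, I created a user group home and created a member a0x55aa under that group, used only by me. At the start, the configuration wizard seems to have set up win, unix and mac, corresponding to the cifs, nfs and afp services respectively. Posted on June 28, 2015. Posted on June 28, 2015.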
Hear me roar
Monday, November 19, 2007. Finally I got around publishing the source for the little XMMS2 client I've been working on (when not preparing the DrKosmos release). It is designed for use on the FIC neo1973 phone, turning it into a remote control for your XMMS2. Most time was wasted fighting with bitbake. Or rather getting bitbake and waf to get along. I wrote some simple custom gtk widgets using gob2 for use in x2r. Those are available in the awidgets repository on git.0x63.nu. Saturday, September 22, 2007.