Android Reversing to Find JWT Key
February 06, 2018
In the previous blog post, I discussed JWTs and their common vulnerabilities. There, I mentioned a recent engagement where I discovered an Android application signing JWTs using HS512 on the client side, which set in motion a hunt to find the symmetric key and forge modified JWTs. This blog post will cover the basic Android hacking techniques and methodology used along the way. If you are new to Android application testing, this blog post will be a great resource to learn from!
JWT Hacking 101
December 07, 2017
Code Featured on Mr. Robot (USA Network)
November 30, 2017
Last night’s episode of Mr. Robot (eps3.6_fredrick+tanya.chk) contained some code I wrote for a WebLogic deserialization vulnerability in my earlier blog post, Hands on with WebLogic Serialization Vulnerability. I still can’t quite believe it! Chris Frohoff (@frohoff), the author of the “ysoserial” deserialization tool, caught it and tagged me on Twitter. Much thanks to him…
SE Village @ DC25: Social Engineering with Web Analytics
July 31, 2017
This weekend I was lucky enough to have the opportunity to speak at the Social Engineering Village at DefCon25. I gave a talk on my research into using Google Analytics for social engineering. I made a new tool called google-analytics-attack-ng that has many new features compared to its predecessor in my previous blog post. In addition to…
Building IoT: A Hacker’s Journey
May 02, 2017
Being a first-time homeowner means a lot of different things, but in particular I’ve found it means fixing a lot of things. A garage door opener has been on my fix-it list for a while and I finally got around to solving it! This blog post will cover the IoT device I created and the security protections I baked in along the way!
DakotaCon 2017 CTF Write Ups
April 12, 2017
I was able to attend DakotaCon in Madison, SD again this year and, staying true to the precedent from last year, it was a great time! The time I didn’t spend in the talks or training was spent on the CTF, which my team and I were able to complete in 1st place! This blog post contains write-ups for various challenges.
Magic Mirror with DNS Filtering
February 06, 2017
Over a year ago I came across a Raspberry Pi project called Magic Mirror. The project uses a one-way mirror to overlay a reflective property on a computer monitor, while allowing display elements to “magically” appear on the mirror. I liked this project and went ahead and built my own, but with a twist. This blog post will briefly cover my Magic Mirror build and how I use it to manage and filter DNS on my network.
Social Engineering with Google Analytics
September 25, 2016
If a sophisticated attacker could flood a victim’s Google Analytics portal with referrals from a domain the attacker controls, a victim may investigate the referrals and browse to the attacker-controlled domain. Sneaky! This blog post will cover the development and usage of a Social Engineering Toolkit (SET) module I wrote called “Google Analytics Attack”.
Referer Redirection and Its Inconspicuous Danger
August 16, 2016
Recently I noticed some peculiar behavior on a web application; it would openly redirect to whatever the ‘Referer’ header was set to in the request. At first I thought that seemed pretty harmless, but after recognizing it as unsanitized input, I was determined to come up with a use case for when this behavior could be used for evil.
KeePass and Eating Your Own Dog Food
July 21, 2016
For a while now the information security community has been griping about the need for better passwords. I decided it was time to ‘eat my own dog food’ and take my personal password security to the next level by using KeePass.