Latest Tweets

Integrating the IHaveBeenPwned API into Linux PAM

Introduction

I was writing another 4-page article for Linux User and Developer about Public APIs when I came out with the idea of showing the readers how to leverage the IHaveBeenPwned API using a Linux PAM module. The idea was to use their new “Pwned Passwords API v2” with the K-Anonymity […]

CTF Una-Al-Mes La casa de papel 1ª parte. Write-up

Obtención de los códigos web

Abrimos la página web del CTF: http://34.253.233.243/lacasadepapel/episodio1/puerta.php. Observamos un sencillo formulario web con dos cajas de texto, “Código 1” y “Código 2”. Antes de hacer pruebas a lo loco, comprobamos el código fuente de la página:

El código fuente de la página del CTF nos […]

Transform your Hak5 Packet Squirrel into an automatic TOR annonymizer

Preamble

I’ve been testing some Hak5 devices recently. I have to admit that they are all incredible, easy to use and well-designed. The Packet Squirrel is an incredible small MIPS device, based on OpenWRT, full of possibilities. Although its main goal is to perform advanced MitM attacks, it can be used […]