AV evasion fun with ChatGPT

by on Jun.28, 2023, under Code, Posts

I’ve used chatgpt for work on some SQL queries that I had troubles with and granted it worked.

I have 0 idea if this will compile or work.. I’m sharing the idea that I’m sure is not original:




#include <stdio.h> #include <stdlib.h> void execute_shellcode() { __asm__(“mov $0xff,%eax\n\t” “inc %eax\n\t” “xor %ebx,%ebx\n\t” “mov $0xff,%edx\n\t” “inc %edx\n\t” “xor %ecx,%ecx\n\t” “int $0x80”); } int main() { void (*function_ptr)() = &execute_shellcode; function_ptr(); return 0; }

Leave a Comment :, , , more...

Hacking the Arlo Q Security Camera: Firmware Extraction

by on Apr.18, 2023, under Posts, Videos

Leave a Comment :, , , , , , , , , , more...

My TLDR version of Zero Trust Computing/Networking

by on Feb.02, 2023, under Posts

Zero Trust Computing/Networking to me means that you have to assume all end points are directly exposed to the internet and all of their services/ports/exchanges say, “Hey, we are open but refer to the control plane (layered control systems) to access our data plane but you need to verify x amount of information that is dependent on multiple semi-dislike but aligned factors that put together, are hard to reproduce”. All fellow nodes or hosting infrastructures are assumed to be compromised but regardless of how ‘secure’ the zero trust system is, if humans need to interact with it, there will be ways to exploit it. Strong and reasonable cryptography (considering computing power and what information is at stake) along with mitigating low level speculative processing exploits will be of utmost importance and telemetry/diagnostics will become harder to use unless given cascading but potentially tiered/layered permissions.

( “7 principles of zero trust security model“, is a good and short read as well.)

Leave a Comment :, , , , , , , more...

Elliptic Curve Cryptography Overview ( F5 DevCentral )

by on Dec.14, 2022, under Posts, Videos




Leave a Comment :, , , , more...

SSH Client as a Quick and Dirty Port Scanner

by on Jul.22, 2022, under Posts

Since the ssh client is pretty ubiquitous and has been included with Windows 10 installations for the past couple years, I’ve discovered it can be a useful tcp port scanner if you use the verbose flag:

For Windows:

ssh -p 80 google.com -v 2>&1 | findstr Connect

ssh -p 80 -o ConnectTimeout=1 www.google.com -v 2>&1 | findstr Connect
debug1: Connecting to www.google.com [] port 80.
debug1: Connection established.
kex_exchange_identification: Connection closed by remote host

As for your *nix systems, just use grep instead of findstr. I hope someone else finds this useful!


Leave a Comment :, , , , , , , , more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!