I read this last week: WC 22 October 2018

By | October 28, 2018

Here’s a few of the interesting and useful articles and tools that I’ve come across last week.

Articles and news:

Badge Cloning: Clone HID Prox with Proxmark3 RDV4 – Standalone Mode

You see those folks badging into their secure facilities, and you think to yourself, “Self. I, too, would like to badge into those secure facilities… but I don’t have a badge!!! WHY DON’T I HAVE A BADGE?!?”


Why the NSA Called Me After Midnight and Requested My Source Code
The story behind my top secret coffee cup


Bad USB cables

HID attacks via USB cables.  A step on from the Hak5 USB Rubber Ducky

 


Burp Suite basic use cases

New to Burp? This article is a good place to start understanding the power of this essential pen tester tool


DHCP Penetration testing

DHCP is ubiquitous, and at some stage you may need to perform a pen test against it for a client.  This is a great resource if you’re interested in this field.



Tools and tech:

Twitter intelligence

A project written in Python to twitter tracking and analysis without using Twitter API.


An arsenal of AWS tools

A huge stack of AWS security tools; if you’re involved with securing AWS instances, these tools are worth evaluating.


PassHunt

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords


Samurai email discovery

Samurai Email Discovery – Is A Email Discovery Framework That Grabs Emails Via Google Dork, Company Name, Or Domain Name


JSON Pretty Print

Got some JSON that you need to format quickly, and no access to your usual tools? This page formats that string into pretty JSON.