Here’s a few of the interesting and useful articles and tools that I’ve come across last week.
Articles and news:
Badge Cloning: Clone HID Prox with Proxmark3 RDV4 – Standalone Mode
You see those folks badging into their secure facilities, and you think to yourself, “Self. I, too, would like to badge into those secure facilities… but I don’t have a badge!!! WHY DON’T I HAVE A BADGE?!?”
Why the NSA Called Me After Midnight and Requested My Source Code
The story behind my top secret coffee cup
HID attacks via USB cables. A step on from the Hak5 USB Rubber Ducky
New to Burp? This article is a good place to start understanding the power of this essential pen tester tool
DHCP is ubiquitous, and at some stage you may need to perform a pen test against it for a client. This is a great resource if you’re interested in this field.
Tools and tech:
A project written in Python to twitter tracking and analysis without using Twitter API.
A huge stack of AWS security tools; if you’re involved with securing AWS instances, these tools are worth evaluating.
Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords
Samurai Email Discovery – Is A Email Discovery Framework That Grabs Emails Via Google Dork, Company Name, Or Domain Name
Got some JSON that you need to format quickly, and no access to your usual tools? This page formats that string into pretty JSON.