4 followers
This blog is a partial collection of projects I've worked on. I write about hacking, fintech, malware, cloud computing and tools I've created to help us get better.
Subscribe to my newsletter and never miss my upcoming articles
If you’ve been reading my blog since I started writing on Medium, you’ll remember Judas, the pluggable open-source phishing proxy. I wrote Judas to prove a point on an engagement once, and unfortunately neglected it afterwards. (Side note: Go’s compr...
We’ve all heard about algorithmic trading in the news. It sounds great! You think of a program making money for you while you sip Mai Tais and smoke the finest ganja on the beach in Jamaica. I’m going to show you how you can do it yourself with TD Am...
I’ve been experimenting with Wireguard as a VPN to protect my internet traffic from local snoopers and communicate between all my devices as if they were on the same network. SSHing into an Ubuntu 20.04 Thinkpad on my home network via the VPN. Wi...
Postman is an excellent API testing tool for developers, QA testers and penetration testers. Its UI allows you to easily send HTTP requests and see responses, but it’s also a great automation tool. Getting stock prices from Alpha Vantage with Post...
The cloak and dagger attack exploits a combination of drawing over other apps and the high level of access to other apps given to accessibility services on Android. It is a simple yet effective technique being exploited in the wild today by cybercrim...
Your target has an Android application and you want to walk through their API to check for server-side vulnerabilities. You configure the emulator to use Burp Suite as a proxy and begin using the app. https://gist.github.com/JonCooperWorks/1866d3efe7...