Header Image -

Tag Archives

5 Articles

Adding a Lock Screen to Signal Desktop

by Jamey 0 Comments
Adding a Lock Screen to Signal Desktop

In this post, I will describe improvement steps that I have tried to make by contributing to the open source Signal Desktop project on GitHub, as well as creating my own application patch for Linux and MacOS.

I have recently been in full CON mode for DEF CON 28 SAFE MODE, which just ended yesterday. This year, all of the festivities took place on Discord and Twitch, and they pulled it off perfectly without a hitch. However, many of us reminisced about years past and the fun had in Las Vegas, which was the only thing missing this year. One of the upsides of this was not having to worry about your laptop or phone traffic being sniffed or getting hacked, as in years past, every precaution was taken — from bringing clean laptops with fresh and disposable Kali installations, to bringing burner phones — and all important communication between friends took place on Signal — the go-to app for private comms.

24 views

How to SSH to a Jailbroken iOS Device over USB

by Jamey 0 Comments
How to SSH to a Jailbroken iOS Device over USB

I recently had to set up testing against our Akamai Staging environment which uses a different IP address than production. This required me to get a new MacBookPro that would support the latest version of MacOS, as well as the latest version of Xcode, just so that I could have sudo access to change add an entry in /etc/hosts in order to build the application from source and run it in the iOS simulator (since the Simulator doesn’t come packaged with the iOS AppStore). Then I had to carry around another computer in my backpack simply because I refuse to separate from Arch Linux and i3-gaps (which can perfectly emulate the Android version without issues), but I digress…

1,276 views

Generating Large Password Dictionaries Using Brutalist

by Jamey 0 Comments
Generating Large Password Dictionaries Using Brutalist

Brutalist is a cross-platform Python3+ based command line tool that can be used to generate very large word dictionaries based on minimal input. It can take a single word like “password” and generate up to 13,198,680 combinations using common special character substitutions and suffixes, and up to all possible 3-digit numerical suffixes with all variations of special characters appended. It is a highly-specialized tool, which should be a regular go-to in the tool belt of all red teamers and pentesters.

5 views

Ransomware. Ransomewhere? Inside malicious installers on MacOS, that’s where.

by Jamey 0 Comments
Ransomware. Ransomewhere? Inside malicious installers on MacOS, that’s where.

With the new wave of ransomware attacks we have seen at the beginning of this week, especially targeted toward Spain, we can see that mostly Windows attack vectors are mostly being utilized, in what appears to be a variant of the Bitpaymer family, related to the Dridex group of malware.

But what does the future hold for attacks such as these? When will we see the attack vector change drastically to target something that your company is most-likely unprepared for? We are seeing bad actors targeting low-hanging fruit on Windows, while the world of end-users are going mobile. If iOS development is part of your enterprise, then whether you like it or not, MacOS literally has to be an integral part of your infrastructure…because XCode. Is it possible that this is something that has gone unnoticed in the threat detection landscape, or is the perception of the threat level just perceived to be so low that we haven’t yet come up with a good way to protect against it?

23 views

Test Case: Deploying a Hugo App to Heroku

by Jamey 0 Comments
Test Case: Deploying a Hugo App to Heroku

I have recently been hearing about Hugo and how easy it is to manage for blogs and such (it uses/renders Markdown), and ever since I heard about Heroku’s free tier, I’ve been wanting to give it a shot. This article will be documenting how I went about doing both.

17 views