Header Image -

Tag Archives

4 Articles

How to SSH to a Jailbroken iOS Device over USB

by Jamey 0 Comments
How to SSH to a Jailbroken iOS Device over USB

I recently had to set up testing against our Akamai Staging environment which uses a different IP address than production. This required me to get a new MacBookPro that would support the latest version of MacOS, as well as the latest version of Xcode, just so that I could have sudo access to change add an entry in /etc/hosts in order to build the application from source and run it in the iOS simulator (since the Simulator doesn’t come packaged with the iOS AppStore). Then I had to carry around another computer in my backpack simply because I refuse to separate from Arch Linux and i3-gaps (which can perfectly emulate the Android version without issues), but I digress…

562 views

Generating Large Password Dictionaries Using Brutalist

by Jamey 0 Comments
Generating Large Password Dictionaries Using Brutalist

Brutalist is a cross-platform Python3+ based command line tool that can be used to generate very large word dictionaries based on minimal input. It can take a single word like “password” and generate up to 13,198,680 combinations using common special character substitutions and suffixes, and up to all possible 3-digit numerical suffixes with all variations of special characters appended. It is a highly-specialized tool, which should be a regular go-to in the tool belt of all red teamers and pentesters.

5 views

Ransomware. Ransomewhere? Inside malicious installers on MacOS, that’s where.

by Jamey 0 Comments
Ransomware. Ransomewhere? Inside malicious installers on MacOS, that’s where.

With the new wave of ransomware attacks we have seen at the beginning of this week, especially targeted toward Spain, we can see that mostly Windows attack vectors are mostly being utilized, in what appears to be a variant of the Bitpaymer family, related to the Dridex group of malware.

But what does the future hold for attacks such as these? When will we see the attack vector change drastically to target something that your company is most-likely unprepared for? We are seeing bad actors targeting low-hanging fruit on Windows, while the world of end-users are going mobile. If iOS development is part of your enterprise, then whether you like it or not, MacOS literally has to be an integral part of your infrastructure…because XCode. Is it possible that this is something that has gone unnoticed in the threat detection landscape, or is the perception of the threat level just perceived to be so low that we haven’t yet come up with a good way to protect against it?

21 views

Test Case: Deploying a Hugo App to Heroku

by Jamey 0 Comments
Test Case: Deploying a Hugo App to Heroku

I have recently been hearing about Hugo and how easy it is to manage for blogs and such (it uses/renders Markdown), and ever since I heard about Heroku’s free tier, I’ve been wanting to give it a shot. This article will be documenting how I went about doing both.

7 views