The Talon Conspiracy » The (in)Complete Library

TALON’s web minions are volunteers, and while we do update the site regularly, this page rarely gets touched! For the most up to date listing of our available titles please check out our Site Map or start at the main page and scroll back.

Standing on Our Own Two Feet

When a new Certificate Authority (CA) comes on the scene, it faces a conundrum: In order to be useful to people, it needs its root certificate to be trusted by a wide variety of operating systems (OSes) and browsers. However, it can take years for the OSes and browsers to accept the new root certificate, and even longer for people to upgrade their devices to the newer versions that include that change. The common solution: a new CA will often ask an existing, trusted CA for a cross-signature, to quickly get it into being trusted by lots of devices. Five years ago, when Let’s Encrypt launched, that’s exactly what we did.

LM, NTLM, Net-NTLMv2, oh my! – Péter Gombos

When attacking AD, passwords are stored and sent in different ways, depending on both where you find them and the age of the domain. Most of these hashes are confusingly named, and both the hash name and the authentication protocol are named almost the same thing. It doesn’t help that every tool, post and guide that mentions credentials on Windows manages to add to the confusion. This is my attempt at clearing things up. This post is geared towards pentesters in an AD environment, and it favors practical attacks against the different hash formats. A lot of inspiration is taken from byt3bl33der’s awesome article, “Practical guide to NTLM Relaying in 2017”.

Piloting SecureDrop Workstation for Qubes OS - SecureDrop

In March, Freedom of the Press Foundation will begin to pilot SecureDrop Workstation for Qubes OS with select news organizations. The goal of the project is to make the SecureDrop experience more intuitive, and to decrease the time-on-task for journalists, without compromising security. With SecureDrop Workstation, journalists can use a single integrated computer to review messages and documents submitted by sources via SecureDrop, and to reply to them. We’re deeply grateful to Freedom of the Press Foundation’s friends and supporters for making this project possible, including the Mozilla Open Source Support Awards and our individual donors.

A Review of the HackRF PortaPack (With Havok Firmware) - rtl-sdr.com

The PortaPack is a US$220 add-on for the HackRF software defined radio (HackRF + PortaPack + Accessory Amazon bundle) which allows you to go portable with the HackRF and a battery pack. It features a small touchscreen LCD and an iPod-like control wheel that is used to control custom HackRF firmware, which includes an audio receiver, several built-in digital decoders and transmitters too. With the PortaPack no PC is required to receive or transmit with the HackRF. Of course, as you are fixed to custom firmware, it's not possible to run any software that has already been developed for Windows or Linux systems in the past.

DriveDroid

Notifications for image hosting. Setup guide for first time use and device compatibility testing. Blacklist/whitelist in setup guide that checks whether device is found to be compatible or not. Ability to choose different USB systems for better device compatibility.

untitled

Posted by Felix, January 2017.
Author contact: Twitter | Mail | LinkedIn
Tags: buffer overflow, shellcode, exploit, dll trampolining, visual studio

Ever heard of a buffalo overflow?

How I do my Computing

My computer

I use a Thinkpad T400s computer, which has a free initialization program (libreboot) and a free operating system (Trisquel GNU/Linux). It was not sold that way by Lenovo, however; small businesses buy them used, recondition them, and install the free software. This is one of the computers endorsed by the FSF. Before using such Thinkpads, I used the Lemote Yeeloong for several years. At the time, it was the only laptop one could buy that could run a free initialization program and a free operating system.