StegocryptoPy: Hide It in Plain Sight 2.0

  I improved on my steganographic tool I wrote previously to include AES encryption and tested files produced by the new tool. No surprise, file appended steganography is pretty ineffective but I had a fun time...

Web Controlled Christmas Tree

I was recently browsing /r/InternetIsBeautiful and came across a site that a family in Fairbanks, AK puts up each year that allows web access to their Christmas lights, making it possible to switch the exterior lights...

IR Policies When Considering CIA

Organizations of any significant size that provides some kind of service inevitably handles sensitive information. When considering a service-oriented organization in contemporary terms this service would be either delivered within a digital medium or would...

Hide It in Plain Sight

Part of a malware analysis I wrote on included a payload hidden in a Graphics Interchange Format (GIF) file. A reverse shell backdoor embedded in a GIF image file was uploaded to a server and...

CVE-2015-1427 Elasticsearch Vulnerability

Elastic’s data aggregation product, Elasticsearch (versions 1.3.0-1.3.7 and 1.4.0-1.4.2) is vulnerable to remote code execution via groovy code script. Elasticsearch is used by major companies such as FICO, Ebay, and WordPress to keep track of...

Perl Script to Create MYSQL INSERT Statements

At my job I was required to import 500+ user records into a MYSQL database. I was given a CSV file that included user information such as last name, first name, password, etc. My access to the database is limited to the MYSQL Query application that allows me to run queries on tables and make modifications through SQL statements.

Raspberry Pi Powered Internet Controlled RC Car

While browsing one of my favorite sites Instructables for a reason to use my Arduino Uno, I came across this tutorial for an Internet controlled RC car. I really liked the idea repurposing a cheap...

Find File Signatures within a Hex File

In attempting to learn Python, I’ve been trying to find any reason to implement the language into any project I could think of. I thought it would be a great learning experience to incorporate Python...

BSides Orlando

Security BSides describes their organization as “the first grass roots, DIY, open security conference in the world!” BSides is a medium that allows for local community organizations to host Information Security oriented conferences in their...