Man in the Middle attacks on mobile apps - 2018-02-01 17:17:29

Written by Jay

During most mobile application or IoT pen tests, it’s often a requirement to perform a man in the middle attack to view network traffic. Below are some approaches which work when it’s not possible to set a system proxy (or when a mobile application does not honour it).

ARP Poisoning

Pros/Cons

| Pros | Cons |
|---|---|
| Easy | Active attack; can be detected |
| Redirects all traffic | Can be risky |
| | Device and laptop need to be on the same network. |

SPF / DKIM / DMARC - Where to start - 2018-01-20 20:16:23

Written by Tim

The alphabet soup from the title of this blog post are the DNS records you should have in place to help keep your domain from being abused by a spammer. Or worse, someone spreading malware. If you already have them in place, congratulations. Why are you reading this article? Move on to DNSSEC. Still here? Good. Since its creation, email has never had security in mind.

The injected coinhive iframe - a quick look - 2018-01-15 19:55:50

Hi everyone, this is my first blog post so I thought I’d introduce myself: My name’s Brett, I’m currently a security engineer for an MSP where a portion of my job (as well as being a member of the SOC) is to look after and make sure the abuse queue is dealt with and ensure that the abuse of our services is kept to a minimum. I’m writing this blog post up because I do see this type of compromise a lot and I thought I would share my experiences in how I’ve seen it occurring in the wild in the hope that it will help threat hunters and other similar roles in discovering and dealing with such compromises and the kind of simple IOCs and data points to look for!

Blogging With MGH - 2017-12-17 17:09:50

Written by Jay

Manchester Grey Hats is about bringing the community together and because of that, we wanted to create a blogging platform for anyone wanting to use it. Blogging with MGH is not like blogging with some of the other platforms. It might seem quite complicated and roundabout to start with but it gives us a few benefits:

Security. We are using static files so we have a smaller attack surface.

Hacking Home Routers For Fun And Practise - 2012-07-18 10:18:28

Written by Jay

As a Software Guy ™ I tend to be way more comfortable reversing a binary than following the tracks on a chip and it’s for that very reason that I decided to document the process of hacking home routers the hardware way. The end goal, as always, is to see what kind of access can be gained and ideally get access to some kind of shell with root privileges.

Reddit Notification Router Mod - 2012-07-07 09:29:33

Written by Jay

I wanted to be notified of reddit PMs when all computers were off. Unfortunately I don’t have a phone which can subscribe to RSS feeds so the solution was to create a couple of (quick and dirty) shell scripts which will blink an LED on a modified Buffalo WHR-G125 router running Tomato firmware. Soldering is required to attach an LED to an unused output pin. If hardware hacking isn’t your strong point (god knows it’s not mine) you should be able to hijack one of the existing LEDs, such as DIAG or ROUTER.