Official fingerprint reader support arrived in Android 6.0, yet many people still think it’s only for unlocking the phone. In fact, if you know your way around Tasker, you can map it to virtually any action.
CONTINUE READING 🡒 
Deploying Snort IDS and Writing Intrusion Detection Rules
Attackers can compromise even the most hardened systems, and administrators may go months without noticing an intruder who has gained a foothold and is exfiltrating data. To prevent this and detect attacks, there are intrusion detection systems…
CONTINUE READING 🡒 
Total Commander Reverse Engineering: Bypassing Protection in All Versions
Total Commander (formerly Windows Commander) is a popular graphical file manager for Windows. You can find plenty of methods to crack it on warez sites. Their perennial downside is how kludgy they are: every time a new…
CONTINUE READING 🡒 
Getting Started with VR: A Comprehensive Guide to Virtual Reality…
Public interest in VR waxes and wanes, but the tech keeps getting better. If you’re thinking about picking up a VR headset, this guide is for you: we’ll break down the strengths of what’s on the market…
CONTINUE READING 🡒 
Ghidra vs IDA Pro: What the NSA’s Free Reverse Engineering…
In March 2019, the U.S. National Security Agency (NSA) released a reverse‑engineering toolkit called Ghidra. I’d first come across the name a couple of years earlier in WikiLeaks leaks and was very curious about what the NSA…
CONTINUE READING 🡒 
Android Performance Optimization: Eliminate App Lag, Jank, and Long Loading…
Performance is one of the most critical aspects of a mobile app. Your app can be as feature-rich, polished, and useful as you like, but if it feels sluggish, failure is almost guaranteed. The good news is…
CONTINUE READING 🡒 
Gridcoin: Earn Cryptocurrency Rewards for Scientific Computing
While some people mine crypto, others crunch scientific data. Until recently, you had to choose between profit and altruism, since most distributed computing projects don’t offer payouts. Now there’s a third‑party rewards program, and it’s already showing…
CONTINUE READING 🡒 
How to Install VirtualBox on Tails OS and Route VM…
Tails is the best operating system if your goal is to maximize your anonymity online. But it has a few quirks, and one of them is that you can’t properly install VirtualBox using the standard tools. We’ll…
CONTINUE READING 🡒 
DIY USB HID Attack Device: Building and Programming a BadUSB…
USB’s versatility creates a broad attack surface: researchers at Ben-Gurion University have identified nearly three dozen ways to weaponize USB. In this article, we’ll examine one of the most effective approaches—automating keystroke injection using a DIY HID-class…
CONTINUE READING 🡒 
OAuth successors. Attacks targeting OpenID Connect
OpenID Connect is a reenvisioning of the OAuth protocol; it was designed to solve the authentication problem and patch security holes in the original specification by making the standard more stringent and demanding. But people continue making mistakes, and misconfigs resulting in vulnerabilities still occur. This article…
CONTINUE READING 🡒 
Python Computer Vision: Training a Neural Network for Bear vs.…
You’ve probably heard that neural networks have gotten amazingly good at recognizing objects in images lately. Our goal is to learn how to put them to work, because that power can be useful in all kinds of…
CONTINUE READING 🡒 
Build a Privacy-First Smartphone Without Backdoors—Why It’s Easier Than You…
What does your phone know about you? How securely does it store your data, and who can access it? Fortunately, you can now build and program your own mobile phone in just a few days. That’s exactly…
CONTINUE READING 🡒 
Two Alfa USB Wi‑Fi adapters are better than one: preparing…
In earlier articles on pentesting Wi‑Fi access points, we covered the basics; now it’s time for more advanced techniques. We’ll look at adapter specifics and turn up the power on our dongle. This is necessary to use…
CONTINUE READING 🡒 
Inside Drone Software: How UAVs Are Programmed for Autonomous Flight
Flying a quadcopter is an art in its own right, and writing the software that lets it fly autonomously is just as exciting. In this article, I’ll show how to build a Python program to pilot a…
CONTINUE READING 🡒 
Android Code Injection with Frida: Hooking and Instrumenting Third-Party Apps
When we talk about reverse‑engineering and modifying third‑party applications, we usually mean using a decompiler, a disassembler, and a debugger. But there’s a tool that takes a very different approach: Frida—a toolkit that lets you inject into…
CONTINUE READING 🡒 
Ansible: Automating System and Application Deployment
Ansible is a tool almost everyone has heard of, but it’s mostly used by system administrators. Developers and researchers typically encounter it when they need to spin up their own servers or deploy an existing configuration. That…
CONTINUE READING 🡒 
How Digital Audio Encoding Works: Sampling, Quantization, Bitrate, and Codecs
Ever wondered how digital devices play back sound? How a stream of ones and zeros becomes an audible signal? If you’ve started reading, you probably have. In this article, you’ll learn how different audio formats came about,…
CONTINUE READING 🡒 
Firewall Level 2: Configuring a MikroTik Router to Block Common…
In this article, we’ll cover how to harden a MikroTik router against attacks and port scans, and how to keep your network off blocklists. The techniques you learn here will also help you configure other types of…
CONTINUE READING 🡒 
Supercharge Nmap: Advanced Penetration Testing with Firewall Evasion, Dirbusting, DoS…
Nmap is the gold standard among port scanners and one of a pentester’s most important tools. But can you honestly say you’ve mastered all its features and use cases? In this article, you’ll learn how to use…
CONTINUE READING 🡒 
Decoding Ping, Traceroute, and WHOIS Output for Effective Network Troubleshooting
Ping, traceroute, and whois are among the first tools new admins learn. Many people who aren’t network specialists stop there—and that’s a mistake. With the standard toolset you can pull far more information about a problem than…
CONTINUE READING 🡒