Rafe Hart

Thoughts on security, privacy, and building software.

What Bug Bounties teach us about Scope

18 May 2020

Bug bounties use a dramatically more open scope of targets to find security flaws than your average pentest. And while we might still lean on pentests for compliance purposes, there is a lot of merit to hacking yourself the bug bounty way.

Read More

Installing Golang on Kali Linux

29 March 2020

You can probably find a number of articles on manually installing golang on kali linux from a while back, but Golang is available in the Kali repos now, requiring some slightly different defaults. Here is the process to get it running now.

Read More

What is Privacy Engineering?

05 January 2020

If you've heard of Privacy Engineering, you know it is rising rapidly in relevance, but in my opinion, it's not truly defined yet. It's 2020, the CCPA is in effect, and with surveillance, IoT, drones, facial and other biometric recognition, cryptocurrencies and increased regulation, it's going to be a pivotal decade for tech. Early last year, the concept of Privacy Engineering started gathering traction, entering the Gartner glossary, and being pushed by industry groups like the IAPP. It's an interesting area to understand, because it's a problem not yet fully solved, and relevant to us all.

Read More

Installing Hyperion on Kali Linux

17 October 2019

Hyperion is a runtime encrypter for 32/64 bit portable executables, typically used to evade antivirus software. Here are step by step instructions to build hyperion on your Kali system.

Read More

Installing xRDP on Kali Linux

13 October 2019

There are a lot of complicated tutorials on how to get xRDP working on Kali Linux. I suspect the tutorials have become complicated as they address a variety of bugs that xRDP and connecting software has had over time, but there isn't much you actually need to do. Here are the steps to be able to RDP into your Kali box locally, and via an SSH tunnel over the internet.

Read More

The Coming US Privacy Law

03 February 2019

You may not be aware, but there is a new privacy law coming in the US, and though we don’t yet know the exact form it might take, it’s impact will be deeply felt. All around the world, new laws such as the GDPR are being enacted as governments struggle to catch up with technology. In Brazil the government has passed the LGPD, in Vietnam the government has passed similar legislation, under what is referred to as the ‘Cybersecurity Law’, and in California the state legislature has passed the CCPA. Many other governments are in the midst of a similar process, having their sights set on mandating digital rights, and enforcing data sovereignty, including the US government.

Read More