Bug bounties use a dramatically more open scope of targets to find security flaws than your average pentest. And while we might still lean on pentests for compliance purposes, there is a lot of merit to hacking yourself the bug bounty way.

Read More

You can probably find a number of articles on manually installing golang on kali linux from a while back, but Golang is available in the Kali repos now, requiring some slightly different defaults. Here is the process to get it running now.

Read More

If you've heard of Privacy Engineering, you know it is rising rapidly in relevance, but in my opinion, it's not truly defined yet. It's 2020, the CCPA is in effect, and with surveillance, IoT, drones, facial and other biometric recognition, cryptocurrencies and increased regulation, it's going to be a pivotal decade for tech. Early last year, the concept of Privacy Engineering started gathering traction, entering the Gartner glossary, and being pushed by industry groups like the IAPP. It's an interesting area to understand, because it's a problem not yet fully solved, and relevant to us all.

Read More

Hyperion is a runtime encrypter for 32/64 bit portable executables, typically used to evade antivirus software. Here are step by step instructions to build hyperion on your Kali system.

Read More

There are a lot of complicated tutorials on how to get xRDP working on Kali Linux. I suspect the tutorials have become complicated as they address a variety of bugs that xRDP and connecting software has had over time, but there isn't much you actually need to do. Here are the steps to be able to RDP into your Kali box locally, and via an SSH tunnel over the internet.

Read More

You may not be aware, but there is a new privacy law coming in the US, and though we don’t yet know the exact form it might take, it’s impact will be deeply felt. All around the world, new laws such as the GDPR are being enacted as governments struggle to catch up with technology. In Brazil the government has passed the LGPD, in Vietnam the government has passed similar legislation, under what is referred to as the ‘Cybersecurity Law’, and in California the state legislature has passed the CCPA. Many other governments are in the midst of a similar process, having their sights set on mandating digital rights, and enforcing data sovereignty, including the US government.

Read More