Some time ago, I came across this article on Hacker News. I recommend you read the whole thing. But in short: A social media site for woman called “Giggle” used an API that pretty much exposed every users data, if you did so much as to request it. This is called an IDOR vulnerability. The … Read more
Today, I felt like sharing one of my favourite experiences that I had in my still short career as a Web Developer. It’s a Story in which I am tasked with investigating a server issue, which quickly lead to me detecting a hacked system. Prologue The Summer rolled around and schools closed for the summer … Read more
When most people would describe the Android Platform, things like customizability, device diversity and pricing are usually named. Security on the other hand, most likely will not come to people’s mind. At least in my experience that is. Most people just don’t perceive Android as being especially secure. The biggest reason could be the more … Read more
Sometime in 1260–1180 BC some smart Greek dudes used a “Trojan Horse” to smuggle their soldiers inside of the city of Troy. In 2019 some smart Chinese dudes use a software called “Trojan” to smuggle their TCP/IP Packets outside of the country. And I think that’s just as exciting. Continuing to research about Firewalls and … Read more
In my last post I have elaborated multiple reasons as to why someone would want to bypass a Firewall. Now that this is established, here comes the part where we get to the “how”. If you don’t care about the technology behind any of this, jump to the conclusion. However, if you are interested in the theory behind Firewall … Read more
Oh boy here goes. This is the first post of many, in which I will touch the topic of bypassing Firewalls. This being the Introduction of this series, I will focus on setting the topic up, providing explanations and all that stuff. Some of the resources I will provide are screenshots from chats I took … Read more
Recently, I have seen a lot of people in the InfoSec- and Online Privacy Community having lenghty discussions about which companies we can trust these days. At the very least, since Snowden has leaked various documents, many companies have been labeled as either “trustworthy” or “not trustworthy”. These companies and services are rated by their past actions, and the … Read more
One day, I was watching some DefCon talks at YouTube, as I often do. One of the videos was titled “Google Hacking for Penetration Testers“. This title sounded very interesting, but also didn’t tell me much about what to actually see in there. So naturally, I watched it. It was amazing. All I could think … Read more
Over the last year or so, I have seriously stepped up my security game. These days, fraudsters have an exceptionally easy job of getting your data. With all these data breaches reaching from small websites that have bad encryption (if any) to online stores. This data can be used as a whole to create so … Read more
This is Part 2 of my Series about unconventional usage of JavaScript. Please read part 1 first if you haven’t already, as I will write this second part less noob friendly. This time I will take a look at a JavaScript powered game, which features a Online Leaderboard to show off your 1337 Hacker Skills to the … Read more
This post is part of a multi-part Series where I write about fun things you can do with just some JS and a modern day browser. Part 1 is about getting Free Premium Features on textmechanic.com. What do I need? A browser. I will be using chrome Basic understanding of programming as well as the HTTP … Read more
Over the last 2 years, I found various interesting articles regarding brutalism in web design. Even though they do not necessarily considered themselves talking about that topic. If you don’t know what Brutal web design is, then let me quote one of the said articles to sum it up quickly: Originated in post-World War II … Read more
If you take a close look at my GitHub Profile you will notice that I primarily license my projects with the UNLICENSE. It’s contains the following statement: This is free and unencumbered software released into the public domain. Anyone is free to copy, modify, publish, use, compile, sell, or distribute this software, either in source code form … Read more
This article is primarily written about the platform GitHub. If you are unfamiliar with this platform, it might contain terms that will just confuse you. I recommend reading THIS first. One of the nicest things to experience as a developer is when the things you made actually get used by people. That they find it actually useful (and … Read more
Around 2015-2016 I was getting more and more involved in webdevelopment. Before that my coding revolved mostly about some Batch scripting or Automation scripts with AHK. Nothing fancy and barely over 100 lines each. Having made my first somewhat good looking website at that time, I wanted to made it available to the public eye. At first … Read more
Ask the media, then ask an older programmer from the 80’s. Maybe ask your best friend and now, ask yourself: Who or what is a “hacker”? This one particular word is being misused by the general public for years now, drawing the picture of that lonely criminal, sitting in an all dark room watching the matrix intro … Read more