Deepfake Technology

by on Jan.27, 2020, under Videos

Deepfake technology can be used for malicious purposes. One notable example is when malicious actors used deepfake voice technology to swindle a CEO out of $243,000.

Leave a Comment :, , , , , , , more... web terminal root shell

by on Jan.01, 2020, under Posts

Recently, I’ve been reading up on containers and kubernetes. I have just discovered this. It just seems like it could be easily abused:

No authentication necessary. You simply click on Launch Terminal and you’ll get a root shell with full internet access.

(This is a frame from )

Leave a Comment :, , , , , , , , more... – ip list

by on Nov.04, 2019, under Blacklists, Posts

Here is a list of known ‘malicious’ IPs from It is updated daily. It’s in a list/plaintext format that should be easy to integrate.


#Update 11/10/2019

Here are a list of offending IPs that have targeted my honeypot I have setup. This will be updated daily as well:


#Update 11/13/2019

Here’s another list of IPs that have offended the WAF I use:


#Update 11/20/2019

Here’s a great post that has a bunch of lists that can be used:

#Update 11/26/2019

Another great resource:

#Update 11/30/2019

Here’s another list of IPs from


#Update 12/2/2019

Black Hat Direcory – Wall of shame list:


#Update 10/25/2020

Scamalytics Ips


#Update 02/24/2021


Leave a Comment :, , , , , , , , more...

Some quick and easy tools for working with segmented networks/VLANs

by on Oct.24, 2019, under Posts

Network segmentation can be a great tool for security and compliance. VLANing is a great means of achieving this. However, if you have to work on systems that are cut off from one another via this method, VLANs can become a pain. Here are some tools/websites that I use for working around VLANs to get my job done:

  • Portable storage devices, i.e. external hard drives/flash drives – very handy for when you have physical access
  • RMM tools, i.e. screenconnect, teamviewer, gotoassist, logmein, meshcentral, etc.
  • – The internet clipboard
  • Seashells – pipe standard output to this website and get a random link
  • Firefox SendĀ  – You can upload up to 1GB without needing an account
  • Google Drive – May seem silly but when you’re working in a very well locked down networks that do a lot of content filtering, google usually isn’t blocked
  • A public facing personal SSH server
  • An instant messenger where you can message yourself, like SlackĀ 

I hope this quick post helps some others. Feel free to leave comments below.

#Update 3/26/20: Other useful sites include (securely transferring sensitive information):


Leave a Comment :, , , , , , more...

NetCAT remotely leaking keystrokes from a victim SSH session

by on Sep.13, 2019, under Videos

Leave a Comment :, , , more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!