Penetration Testing with Perl

July 13, 2014 in 802.11, Information Security, Programming, Publications, Systems Administration by trevelyn

The page is up for my newest book “Penetration Testing With Perl” !! I just finished Chapter 7 (SQL Injection with Perl) which was a very long chapter. There will be 13 so far, so I am closer to finishing than I was during my last post about it. It’s an amazing experience, in which I learn, get frustrated, get excited and happy, and feel the absolute power of Perl at my fingertips all at the same time. This is definitley my life’s biggest work to date. They have the amazon page up too, and the book will also be
read more

Digital Credential Analysis

June 23, 2014 in Howto, Information Security, Programming, Publications, Web Secuirty, WiFi Hacking by trevelyn

Rather than write a “free” article for an online magazine, I figured I’d just put this right here on my site. It’s a simple proposal for credential analysis from leaked credentials and from those gleaned during a penetration test for more accurate, targeted credential attack vectors. I propose not only simple methodology practices as examples, but even terminologies for the practice as well. Hope you enjoy, ~Douglas

WARCARRIER for Android Version 1.1

March 1, 2014 in 802.11, Android, gallery, Information Security, Mobile Development, Phone Phreaking, Programming, Warcarrier Application, WiFi Hacking by trevelyn

Almost complete. WARCARRIER for Android Tablets. This is the main screen at startup, including the menu options. Click on “catchMeNG! in the settings bar at the top right and you can input a string to troll for. This includes Bluetooth devices, BSSIDs, ESSIDs, etc. You can also choose “Plot Waypoint” to plot a new way point onto the Google Map: If you long-press on a any field (as the “Help” dialog shows from the Settings menu) You can find more information on the specific data that is presented. And as of 1.1 Beta, you can plot and scan for Bluetooth
read more

WARCARRIER 802.11 Probe Request Scanner for Android

February 24, 2014 in 802.11, Android, Howto, Information Security, Mobile Development, Programming, WiFi Hacking by trevelyn

The Application I just finished up coding a simple 802.11 scanning application for Android that uses Probe Requests to ask for all AP info in the vicinity. A station sends a probe request frame when it needs to obtain information from another station. It’s considered an “active” scan since it’s sending a request – using RFMON on your radio is passive and only sniffing. What’s cool about this type of scan is that it is easier to scan for networks when already associated to a service set. In passive scanning, with software like Airodump-ng, you get this same data from
read more

PHP and JSON Arrays of Password Data

January 21, 2014 in Howto, Information Security, Programming, Web Secuirty by trevelyn

With all of the leaked databases which seem to flood the internet on a daily basis, one can only wonder why we don’t have more sites like leakdb. Recently I have been writing some applications in which require parsing of JSON. JSON Is a Javascript Object Notation which is commonly used as a structured output from a web service. My research proved fruitless the more complex the design of this output. Luckily, I was able to easily come up with an analogy in which may save a few folks some time during development and testing of multidimensional arrays within JSON
read more