Brute forcing Gumroad Discount Codes
tl;dr - I notified Gumroad about a low-risk brute force attack against the discount voucher endpoint and it was fixed in a few weeks. Props to Sahil and his team at Gumroad for the quick fix!
Original post can be found here: https://developer.rackspace.com/blog/scantron-a-distributed-nmap-scanner/ The Threat and Vulnerability Analysis team at Rackspace is charged with providing internal vulnerability scanning, penetration testing, and...
I had the opportunity to take Justin Seitz’s Automating OSINT (Open Source Intelligence) Master Course (https://register.automatingosint.com/) and wanted to write up my experience with it. I took the Master Course which bundled an introduction to...
Introduction The goal of this project was to develop a passive Google dork script to collect potentially vulnerable web pages and applications on the Internet. There are 2 parts. The first is ghdb_scraper.py that retrieves Google Dorks and the...
Motivation Short for Rackspace bob-the-builder, this script builds servers with Rackspace's rack binary https://github.com/rackspace/rack. The goal of the project was to combine a number of DevOps concepts I've been learning lately. Minimize...
Introduction Here in South Texas, outside water usage is dictated by the water level in the Edwards Aquifer, "a unique groundwater system and one of the most prolific artesian aquifers in the world"...
Introduction One of the most popular tools to collect email addresses and other target information during a pen test is theHarvester, written by Christian Martorella @laramies of the Edge-Security Group. The source code can be found here:...
Introduction One of the best tools for conducting document and metadata reconnaissance during a pen test is metagoofil, written by Christian Martorella @laramies of the Edge-Security Group. The source code can be found here:...
For security professionals and penetration testers that want to distribute nmap scans to different clients, Seb Garcia created a great tool called dnmap, short for distributed nmap. There are two main parts to dnmap. The first is the server...
batchconfig.py is a Python script to create customized Windows batch files for the purpose of conducting quick Incident Response, surveying a box post-exploitation, or assisting network administrators in managing their networks. batchconfig.py is...