All Stories

IP Camera Control Protocol is Not Safe

When I first started on this post, I intended to write about some fun things one can do with a $30 Rosewill IP camera (RXS-3211). While I still intend to do this in the near future, I...

In Jan 01, 2009

Sergio Proxy

So after a ridiculously long period of procrastination, I finally got around to updating Sergio Proxy to make it remotely usable. I was never very happy with how the initial code turn...

In Jan 01, 2009

JavaScript Port Scanners

In case you were living in a cave the last few days or aren’t subscribed to any of the security mailing lists out there, you probably already have seen these links but I’m putting the...

In May 05, 2007

Is XSS Good For SEO?

There’s an interesting post over at Venture Skills blog talking about if XSS is actually good for SEO purposes. While I don’t have any conclusive evidence that he is wrong or right (a...

In May 01, 2007

Google Redirects Help Phishers Again

The site is down now, but I got yet another phishing email using Google redirection to hide the real address that the user is being forwarded to. Sorry for the super long line (had to...

In Mar 01, 2007

Google Files On the Internet

Ronald had a really good post about how Google’s files were open to the world. A few people messaged me and said they were surprised I didn’t jump on it the second it was mentioned. Y...

In Jan 02, 2007

Google Announces Invalid Domain Through Blacklisting

Click fraud is a big deal (Google claims it’s as low as a few percent but other leading industry experts disagree and put it much higher). I was actually fairly impressed that Google ...

In Jan 02, 2007

CAPTCHA Curiosity

Tim Tucker posted an interesting solution to some of the CAPTCHA solving stuff going around. He posted that to comment on his blog you must enter any data, as long as it’s incorrect. ...

In Jan 01, 2007

Alexa Fallacy - As if Anyone Thought Otherwise

Okay, no more theories, no more guesswork, I finally have proof that Alexa data does not jive with actual real internet traffic patterns. Well, at minimum it doesn’t match what they c...

In Jan 01, 2007

Malicious SERP Arbitrage Lessons

I spent the better part of my free time for today putting together a rather sophisticated search engine result page arbitrage tool. No, I won’t release this one. Partly because it suc...

In Jan 01, 2007

Ads