• Download
  • Dream page
  • [STYLE]
  • Do we get to the other side?

    *cough* *cough* *cough*

    We are experiencing troubles with|in a|the tube(s). Please help us diagnosis this issue by verifying https://dave.thehorners.com/ is responding and displaying properly for you on your device. At this time, the main host is still

    OPERATIONAL,

    https cert is NOT locked on either http(s)! disturbance in the force. USE AT YOUR OWN RISK!

    it should work but lock may not show green and secure; that is expected. If you can't get to secure sites, please use http://dave.thehorners.com/. If your ISP has restrictions to certain sites, consider another provider or another VPN. Life is too short and precious to be controlled and manipulated. I pray for ALL those people who are endure under censor and control; This is the Land of the Free and the Home of The Brave....the always on always connected multi-verse Internet right?! What's your locale like? I hope it's not oppressive. See here, a beautiful view from satellite(s) below. God Speed; and Good Luck.

    .

    Ppl of the Internet. Right now, dave.thehorners.com is unavailable on the *[LTE AT&T network] (outage has been persistent for a long while; last personal report to ATT with no response 11/11/2018)

    I don' t know if it is an outage or what; but please do a tracert from your device and request access to dave.thehorners.com if it doesn't route from your ISP (at this time I only KNOW that LTE ATT is affected if you find otherwise, please post proof in deepdream. I was told 24 hours; but that was days and days ago. I would be interested in the help...frustrating figuring out a routing|sensor|censor problem. I will remove this message from my site when LTE is routing again from my phone. [DOWN NETWORK QUICK ACCESS NOTES] AT&T LTE - Customer service: 1 (800) 331-0500
    Pardon|Thank you|Merci|Gracias


    My current preferred deep dream site(s) are: fibFile dave.thehorners.com My last 3 deep dreams were:(b0caa;5141d;bcab1) the current time is 11/17/2018 at 01:56
    https://q4j2g5j9.stackpathcdn.com/ddg-dream/a9f99e2f09d974fdfc36e91384e18e453e9b0caa.jpg - AT&T
    https://q4j2g5j9.stackpathcdn.com/ddg-dream/01cce5bee4c316e5ae8e1a4f53957b527525141d.jpg
    https://q4j2g5j9.stackpathcdn.com/ddg-dream/70cebfdbcdeb8c09a0d9076a5c669d735cbbcab1.jpg


    If you are reading these bytes and you didn't have to hop around N+1 nodes to anon and make things confusing.....CONGRATULATIONS you're blessed to be free. Thank|Pardon|Garcias someone. It didn't happen by itself.
    and now back to the strange loop perspective of just another.

    Dave Horner's Website - Yet another perspective on things...
    Home Tech Talk Random Tech Security stuff - things that you need to learn, cause the other guys know.
    84 guests and Dave
    Rough Hits : 3552171
    moon and stars
    how did u find my site?





     
    our entire universe; minuscule spec in gigantic multiverse which is mostly lethal.



     
    Penetrating so many secrets, we cease to believe in the unknowable. But there it sits nevertheless, calmly licking its chops. -- H. L. Mencken
    1=0.999...

    Security stuff - things that you need to learn, cause the other guys know.

    Sunday, 02 December 2007 09:49
    Security it is a very important thing when it comes to digital systems. Software is easy to break and unbreakable software hard to write. If not impossible.
    Microsoft Office team deploys botnet for security research - Larry Osterman's WebLog - Site Home - MSDN Blogs

    SANS Institute - CIS Critical Security Controls

    CVE - Common Vulnerabilities and Exposures

    CVE - Common Vulnerabilities and Exposures (CVE)
    CVE security vulnerability database. Security vulnerabilities, exploits, references and more


    SpiderLabs Anterior
    Root25.com
    Errata Security
    Exploit Monday - Security Research and Esoteric PowerShell Knowledge
    Dan Kaminsky's Blog | (Or: The Blog Formerly Known As DoxPara Research)
    sla.ckers.org web application security forum
    Links « Ascii for Breakfast
    th3mast3r | pentest , Linux , hacking tools , IT security
    Trike: Trike
    Irongeek.com - Adrian Crenshaw's site on security,pentesting,weight lifting. MS Security Informatics.
    Darknet - The Darkside - Ethical Hacking, Penetration Testing & Computer Security
    Heid Security Blog | OSINT, Malware, Exploits, Vulns, and other interesting things I find on the Internet.

    Mitigation - dedicated machine, use live CD || does your bank work with my lynx browser?

    Alexander Heid. Modern CrimeWare Tools and Techniques - An Analysis of Underground Resources on Vimeo
    dedicated machine - only for banking, using a live CD.


    MSRC - Site Home - TechNet Blogs - Security Response Center Blog.

    Debugging / monitoring Tools

    DebugView for Windows v4.74
    RegMon for Windows v7.04
    Microsoft TechNet: Windows Sysinternals
    radare - Radare2 is an open-source reverse engineering toolkit, consisting of a disassembler, debugger and hex editor. radare examples
    Overview - Bokken - Nexo - a GUI for the Pyew malware analysis tool and Radare the reverse engineering framework.


    pyew - A Python tool for static malware analysis - Google Project Hosting

    Rootkit detection

    RootkitRevealer v1.71
    DiamondCS ProcessGuard rootkit prevention
    InfoProcess - Host Intrusion Prevention Systems
    F-Secure BlackLight
    The Strider GhostBuster Project
    Resplendence Software - RootKit Hook Analyzer
    Anti Rootkit Software - IceSword
    Anti Rootkit Software - RootKit Unhooker


    Hardening

    Samurai - A Host-based Intrusion Prevention System


    ARP Poisoning

    Anatomy of an ARP Poisoning Attack | WatchGuard
    Cain & Abel User Manual
    oxid.it - Cain & Abel


    Fixing the DLL loading vulnerability – Unhandled expression


    Diego Benna's Blog: How to secure an Ubuntu 12.04 LTS server - The Basics
    How to install PSAD Intrusion Detection on Ubuntu 12.04 LTS server | How To | The Fan Club | dynamic design solutions
    psad - Intrusion Detection with iptables, iptables Log Analysis, iptables Policy Analysis
    cipherdyne.org | System and Network Security
    OWASP


    Stenography

    Malware Hidden Inside JPG EXIF Headers | Sucuri Blog - yes, those bay guys will hide data anywhere, even in your exif.
    spread project
    Embedding and Hiding Files in PDF Documents | Didier Stevens
    exe2bat.py
    ##########################################################################
    #
    #   EXE to BAT converter Version 1.0                                     #
    #   This will use the classic DEBUG method to HEX-encode an executable   #
    #   into a batch script file. Enjoy.                                     #
    #                                                                        #
    #                                          rattle | awarenetwork | org   #
                                                                             #
    ##########################################################################
       
    from sys import argv as a, exit, stdout
    die = lambda x,n: stdout.write(x+'\n') or exit(n)
    
    try: f,b = open(a[1],'rb'),open(a[2],'w')
    except: die('[!] usage: exe2bat.py <exefile> <batchfile>',1);
    
    FOOTER  = ''.join(map(lambda x:"%%E%% "+x+">>T\n",
     ["RCX","%X ","N T.BIN","WDS:0","Q"])) 
    FOOTER += 'DEBUG<T 1>NUL\nMOVE T.BIN T.EXE 1>NUL 2>NUL\nT.EXE'
    
    FC,CX = 0, f.seek(0,2) or f.tell()
    
    if (CX > 0xFFFF): 
      f.close(); b.close()
      die('[!] filesize exceeds 64kb, quitting.',1);
    
    f.seek(0,0)
    b.write('@ECHO OFF\nSET E=ECHO\nDEL T 1>NUL 2>NUL\n')
    
    for chunk in xrange(0x1000):
      t = f.read(16) or b.write(FOOTER%CX) or die("",0)
      if t.count('\0')==0x10: FC += 1
      else:
        if FC > 0:
          b.write('%%E%% FDS:%X L %X 00>>T\n'%((chunk-FC)*0x10,FC*0x10))
          FC = 0
        b.write('%%E%% EDS:%X '%(chunk*0x10))
        b.write(' '.join(map(lambda x:"%02X"%ord(x),t))+'>>T\n')
    
    Random versus Encrypted Data | opensource.dyc.edu


    using prefetch to find secret files.

    8 bits: Live forensics: prefetch and powershell - cool, isn't it?, how about scary?


    Programs built to crash

    Exploits Database by Offensive Security
    Embedded in Academia : 57 Small Programs that Crash Compilers
    Crashing the Visual C++ compiler
    c++ - Why does VC++ 2010 compiler crash when compiling simple code? - Stack Overflow
    DVWA - Damn Vulnerable Web Application - PHP/MySQL web application that is damn vulnerable.


    Black electrical tape

    iSeeYou: Disabling the MacBook Webcam Indicator LED - enables video to be captured without any visual indication to the user and can be accomplished entirely in user space by an unprivileged (non- root) application. (a.k.a. No thought to security was given,geez.)


    inaudible ultrasonic sounds slinging your data - unplug all your speakers...

    Katee/quietnet - Simple chat program using near ultrasonic frequencies. near-ultrasonic chirps that can be received and interpreted by other, nearby computers. Quietnet is dependent on pyaudio and Numpy. Warning: May annoy some animals.


    oh, and using your monitor to broadcast in the AM band - better disconnect that monitor too.

    Tempest for Eliza - Tempest for Eliza is a Program that uses your computer monitor to send out AM radio signals. You can then hear computer generated music in your radio.

    Heartbleed - oh my.

    So, that secure software that you rely on uses OpenSSL. What year what that installed again? Oh man, you mean I have to touch the box again?
    Yes, you should patch it..... or decommission it.
    the unplugged machine is the most secure machine.
    server, I didn't say show everyone everything.
    OpenBSD forks, prunes, fixes OpenSSL | ZDNet
    OpenSSL Valhalla Rampage
    ?42: Is a strong caution about Heartbleed worth the disruption to distributions with a declared dependency on Crypt::SSLeay? - its not just the server that is vulnerable, the client is vulnerable to a remote attacking ssh server.
    A Few Thoughts on Cryptographic Engineering: Attack of the Week: Triple Handshakes (3Shake)
    A Few Thoughts on Cryptographic Engineering: Useful Cryptography Resources


    The Mouse Trap: Raising Lazarus - The 20 Year Old Bug that Went to Mars - the integer overflow is evident.


    How did they do that? | Richard Bucker - ** So how do we remain secure? Good question:
    - know your hardware
    - know your network
    - know your infrastructure
    - know your physical security
    - know your operating system
    - know your tools
    - know your employees
    - know your programmers, testers, etc
    - know your process
    - know all your 3rd parties
    
    It comes down to full stack awareness... the stack happens to be much bigger than once thought.

    Perl Cryto && random

    A Gentle TLS Intro for Perlers - IO::Socket::SSL, IO::Async::SSLStream, openssl incantations.
    What is wrong with perl's antique random number generator
    ?42: Don't leave randomness to chance (or, avoid using rand if it matters)
    ?42: Perl 5.20.0 brings a "better" PRNG to Windows
    Perl 5.20 uses its own random number generator | The Effective Perler - rand() for Windows had a max of 32,768 (15 bits), while POSIX has drand48 (48 bits).
    Math::Random::Secure - Cryptographically-secure, cross-platform replacement for rand() - metacpan.org - this one goes to eleven.


    hardware hackers

    Travis Goodspeed's Blog - GoodFET -- Home
    samy kamkar - home
    remote-exploit.org KeyKeriki v2.0 – 2.4GHz | remote-exploit.org


    Open Source Software Management | Black Duck - tool helps identify open source code within your internal codebases.

    < Prev  Next >
    Last Updated on Monday, 16 May 2016 20:11