Profile cover photo
Profile photo
Gareth Davies (ShaolinTiger)
1,561 followers -
Hacker, Whisky & Craft Beer Lover, SCUBA Diver and avid traveller.
Hacker, Whisky & Craft Beer Lover, SCUBA Diver and avid traveller.

1,561 followers
About
Gareth's posts

Post has attachment
LastPass has f##ked up again with the Chrome extension freely leaking passwords to any malicious website that asks for them, just a week after the Firefox extension doing similar things. Sigh.

Post has attachment
SessionGopher is a PowerShell based session extraction tool using WMI (so it works locally and remotely) to extract session information from WinSCP, PuTTY, FileZilla and more.

Post has attachment
Ubiquiti has gotten caught with it's pants down again, using a 1997 version of PHP with URL injection possible, fortunately they've reacted pretty fast and pushed out patches - so update your gear!

Post has attachment
A highly customizable web fuzzer with a simple GUI, user-friendly, effective and consistent Powerfuzzer is a userful tool for HTTP protocol based application fuzzing.

Post has attachment
Angry IP Scanner is a very fast, portable, cross-platform network and port scanner. Available for Windows, Linux and Mac OS X, it also has some basic NetBIOS features.

Post has attachment
WikiLeaks has dropped a MASSIVE cache of CIA docs including exploits, hacking tools and all kinds of other stuff including using Smart TVs as monitoring devices. Plus they claim this is only PART ONE!

Post has attachment
Finally, a well put together, well presented, easy to use MongoDB security auditing and pen-testing tool. Written in Python mongoaudit covers all the basic checks to get your MongoDB install secured.

Post has attachment
Another default installation of MongoDB getting ransacked, this time with recordings of kids voice messages to their parents via the IoT style CloudPets soft toys. Over 820,000 user accounts leaked including over 2 million voice recordings.

Post has attachment
Termineter is a Python based modular framework for the security testing of Smart Meters, this includes brute force attacks and testing for vulnerabilities around energy consumption fraud.

Post has attachment
ShellNoob is a tool to help you write shellcode, it automates the tedious and error prone manual parts like format conversion. Don't mistake it for a shellcode generator, as it doesn't do that.
Wait while more posts are being loaded