Profile cover photo
Profile photo
Micah Hoffman
About
Posts

Post has attachment
My led matrix project

Post has attachment
Complex Knowledge-based Password Reset Strings
With all of the data breaches recently, I urge everyone I know to use a password manager application like KeePass ( http://keepass.info/ ) or LastPass (Yes I know they too got hacked) to store complex, long passwords. The benefit to using these apps is that...

Post has attachment
My Favorite Burp Suite Extensions
My new buddy Matt ( https://twitter.com/matt0177 ), long-time SANS TA and Facilitator and all-around amazingly-smart dude, asked for my suggestions for Burp Suite extensions that I like using. This post is for him (and you). Burp Suite  is one of the core t...
My Favorite Burp Suite Extensions
My Favorite Burp Suite Extensions
webbreacher.blogspot.com

Post has attachment
Infosec Resumes: What do employers care about?
Ever wonder what hiring managers look for in "good" resumes? While I cannot speak for my employers, I can say that there are certain pieces of resumes that I care more (or less) about when I review them. Who I usually am looking to hire people that are comp...

Post has attachment
Recon-ng: Profiler Module
My newest recon-ng module, " profiler ",  is going to really blow you away. It doesn't do anything miraculous like crypto or ZigBee or SCADA but it does make it easy for you to get information about users on the Internet. Here is the basic premise: you want...
Recon-ng: Profiler Module
Recon-ng: Profiler Module
webbreacher.blogspot.com

Post has attachment
We are Running Away from Security.
Lately I've been doing more and more Open Source Intelligence (OSINT) work where I look on the Internet for information about a subject and then compile it into a dossier of sorts. They can be very powerful and present a compelling picture. I gave a "Runnin...

Post has attachment
Recon-ng: Profiler Module
My newest recon-ng module, " profiler ",  is going to really blow you away. It doesn't do anything miraculous like crypto or ZigBee or SCADA but it does make it easy for you to get information about users on the Internet. Here is the basic premise: you want...
Recon-ng: Profiler Module
Recon-ng: Profiler Module
webbreacher.blogspot.com

Post has attachment

Post has attachment
Behind the Curtain: User-Agent and You
Let me ask you a question dear reader, have you ever visited a website that one of your friends posts a link to only to find that the site requires you to register for an account before you can see the content? Or perhaps you visited a web site on your comp...

Post has attachment
Tilde Enumeration
The Vulnerability A while ago I found a bunch of web servers that had the Microsoft IIS Tilde Enumeration vulnerability on them. You can read more about the vuln  http://soroush.secproject.com/downloadable/microsoft_iis_tilde_character_vulnerability_feature...
Tilde Enumeration
Tilde Enumeration
webbreacher.blogspot.com
Wait while more posts are being loaded