Blog posts, page 2

Microsoft Office 365 email spoofing

Microsoft provides some email services for business customers. Advertisement page says «Securely run and grow your business».

Not belive!

Short story about «Orion Pro»: access control system without access control

Once during a pentest on one of the hosts on WI-FI network I discovered a lot of open ports (XML-RPC).

MacOS local DNS

Sometimes you need to use DNS on non-standard port. MacOS does not allow do this. The following recipe helps to get around this restriction.

Burp Suite Pro 1.7.31 Loader & Keygen reverse engineering

One sleepless night I decided to inspect how Burp Suite Pro 1.7.31 Loader & Keygen written by surferxyz works.

GitHub commit log OSINT tool

I was thinking about passive information gathering from GitHub repositories. In addition to information from code of repositories there is a information about history of changes which can be of value to the attacker.