Div0 Blog EditorSep 5, 20174 minNot So Lucky Draw11 August 2017 — I participated in an online lucky draw. Instead of winning some prizes, I stumbled upon two vulnerabilities. It turned out that their CAPTCH...
Div0 Blog EditorAug 3, 20176 minSending Spam SMSes via a Free WiFi ServiceWireless@SG is a nation-wide free WiFi service in Singapore. To get Internet access from a Wireless@SG hotspot, a user has to register their phone number, an...
Div0 Blog EditorMay 7, 20175 minShields Up! Wild West of the CyberspaceThe early days in the cyberspace used to be rather safe when compared to the increasingly hostile worldwide wild west, where various hostile governments, cri...
Div0 Blog EditorJan 4, 20152 min12th Day of Christmas: Browser Exploitation Framework (BeEF)On the 12th Day of Christmas, Div0 gave to me ... Browser Exploitation Framework (BeEF), theHarvester, nmap Scripting Engine (NSE), msfvenom, searchsploit, u...
Div0 Blog EditorDec 30, 20141 min7th Day of Christmas: urlcrazyOn the 7th Day of Christmas, Div0 gave to me ... urlcrazy, recon-ng, Zone Transfer Tool, Using Online Digest Databases, Hash Identification, Password Mutatio...
Div0 Blog EditorDec 29, 20141 min6th Day of Christmas: recon-ngOn the 6th Day of Christmas, Div0 gave to me ... recon-ng, Zone Transfer Tool, Using Online Digest Databases, Hash Identification, Password Mutation Using JT...
Div0 Blog EditorDec 24, 20141 min1st Day of Christmas: CeWLIt's December! We will be celebrating 12 days of Christmas Div0 Style. For the next 12 days, we will be making a post each day on a useful tool that can be f...
Div0 Blog EditorNov 18, 20143 minA Security Incident Explained as it Happened (Roughly)It is a nightmare for anyone running an Internet-facing information system when customers inform you that something strange going on. At first thought, you m...
Div0 Blog EditorNov 12, 20143 minPrimitive Defence against Good Old cURL Scanning AttackOne of the founding weaknesses in the HTTP protocol was the binding of file systems directly to URL paths. At the time of Gopher and the evolvement of web st...
Div0 Blog EditorJul 7, 20146 minNISEC: Zero Day Defence 2014 — What Went OnZero Day Defence 2014 is one of the few components in Singapore's National Infocomm Security Competition (NISEC). The task is to create a Web Application wit...
Div0 Blog EditorApr 22, 20143 minGlastopf – A Web-Application HoneypotAccording to SANS Top Cyber Security Risks (Jul, 2010), attacks against Web applications make up more than 60% of the total number of attempted attacks on th...
Div0 Blog EditorFeb 6, 20145 minThug – A Client HoneypotIntroduction to Thug & Client Honeypot Client honeypots are amazing tools for security practitioners who wish to perform a quick analysis of Websites, commun...
Div0 Blog EditorJul 14, 20123 minIntroduction to SSLThe Little Padlock "Make sure you see the little padlock icon to verify you are accessing online banking services or e-commerce websites 'securely'," — This ...
.png)