Div0 Blog EditorMay 30, 20202 minPHP Type Juggling Vulnerability Tech Sharing + ChallengeWe start off our 1st Div0 Women In Cybersecurity (WICS) technical sharing with our WICS member — Monika Talekar — organising a 2-day week...
Div0 Blog EditorSep 5, 20174 minNot So Lucky Draw11 August 2017 — I participated in an online lucky draw. Instead of winning some prizes, I stumbled upon two vulnerabilities. It turned o...
Div0 Blog EditorAug 3, 20176 minSending Spam SMSes via a Free WiFi ServiceWireless@SG is a nation-wide free WiFi service in Singapore. To get Internet access from a Wireless@SG hotspot, a user has to register th...
Div0 Blog EditorMay 7, 20175 minShields Up! Wild West of the CyberspaceThe early days in the cyberspace used to be rather safe when compared to the increasingly hostile worldwide wild west, where various host...
Div0 Blog EditorJan 4, 20152 min12th Day of Christmas: Browser Exploitation Framework (BeEF)On the 12th Day of Christmas, Div0 gave to me ... Browser Exploitation Framework (BeEF), theHarvester, nmap Scripting Engine (NSE), msfve...
Div0 Blog EditorDec 30, 20141 min7th Day of Christmas: urlcrazyOn the 7th Day of Christmas, Div0 gave to me ... urlcrazy, recon-ng, Zone Transfer Tool, Using Online Digest Databases, Hash Identificati...
Div0 Blog EditorDec 29, 20141 min6th Day of Christmas: recon-ngOn the 6th Day of Christmas, Div0 gave to me ... recon-ng, Zone Transfer Tool, Using Online Digest Databases, Hash Identification, Passwo...
Div0 Blog EditorDec 24, 20141 min1st Day of Christmas: CeWLIt's December! We will be celebrating 12 days of Christmas Div0 Style. For the next 12 days, we will be making a post each day on a usefu...
Div0 Blog EditorNov 18, 20143 minA Security Incident Explained as it Happened (Roughly)It is a nightmare for anyone running an Internet-facing information system when customers inform you that something strange going on. At ...
Div0 Blog EditorNov 12, 20143 minPrimitive Defence against Good Old cURL Scanning AttackOne of the founding weaknesses in the HTTP protocol was the binding of file systems directly to URL paths. At the time of Gopher and the ...
Div0 Blog EditorJul 7, 20146 minNISEC: Zero Day Defence 2014 — What Went OnZero Day Defence 2014 is one of the few components in Singapore's National Infocomm Security Competition (NISEC). The task is to create a...
Div0 Blog EditorApr 22, 20143 minGlastopf – A Web-Application HoneypotAccording to SANS Top Cyber Security Risks (Jul, 2010), attacks against Web applications make up more than 60% of the total number of att...
Div0 Blog EditorFeb 6, 20145 minThug – A Client HoneypotIntroduction to Thug & Client Honeypot Client honeypots are amazing tools for security practitioners who wish to perform a quick analysis...
Div0 Blog EditorJul 14, 20123 minIntroduction to SSLThe Little Padlock "Make sure you see the little padlock icon to verify you are accessing online banking services or e-commerce websites ...