I was trying to see if I comply with Microsoft email sending policies today. Apparently I’m doing perfectly fine according to the 5 points containing list, but the 5th option is a little concerning.
Continue reading “Microsoft’s fight for junk mail is a privacy risk”Abuse potential of some vending machine mobile payments in Finland
Mobile payments based on SIM card information + the IP address of the user have been used in Finland a few years, but some of the implementations don’t look so good.
Continue reading “Abuse potential of some vending machine mobile payments in Finland”Automating domain drop catching with Python
Has someone ever ‘taken’ your expired domain or has someone forgot to renew it ever, and then somone ‘took’ it? Unless you’re a celebrity or you’ve very strong trademark product, chances are that either you’ve to pay a large sum of money to the current owner of the domain, or wait for the domain to expire.
Continue reading “Automating domain drop catching with Python”Using the Great Firewall of China for your own good
When it comes to the China, there is this thing called the “Great Firewall” which simply uses number of different blocking methods (or attack vectors) to limit access to the internet for certain individuals in China. In this post I’m describing about using them for our own wellbeing.
Continue reading “Using the Great Firewall of China for your own good”Find all available short domains in certain TLD
This is just a small and nice script that you can use for finding any free domain in certain TLD with characters specified in regex.
Continue reading “Find all available short domains in certain TLD”Electron wrapping Microsoft Teams for Linux
Are you suffering from an organization that has taken a move to go away from the very dear Slack and taken interest in Microsoft Teams that has no official Linux client? Fear not. The solution is a simple Electron wrapper
Continue reading “Electron wrapping Microsoft Teams for Linux”Mass checking websites for PHP errors
After PHP versions 5.6 and 7.0 became unsupported, I decided to write a small script in Python that can go through urls defined in sitelist.txt or whatever you wish to use.
Continue reading “Mass checking websites for PHP errors”How to abuse contact list syncing for OSINT/DOX
In this purely educational post which doesn’t encourage anyone to try anything, I want to demonstrate dangers of linking phone numbers to social media accounts, because it’s bad to dox people and bad to get doxed. Unless the end justifies the means.
Continue reading “How to abuse contact list syncing for OSINT/DOX”Silent Partner Group datacenter plans too good to be true
The national broadcaster YLE published news about plans of the Silent Partner Group about new datacenters to be built to Finland (29th of October).
It’s a company that came out of nowhere and apparently claims to have funding for at least three new datacenters in Finland. Unfortunately the company seems to lack any proof that it’s possible and even the existence of the company is questionable. Continue reading “Silent Partner Group datacenter plans too good to be true”
Finding CVE-2018-10933 affected hosts with masscan
Libssh 0.6.0 and above have been affected by CVE-2018-10933. While mitigating this threat with patched versions that libssh team has published is easy, finding affected hosts is probably not, if you’ve not done good job at documenting your servers or if you simply don’t manage them.
Continue reading “Finding CVE-2018-10933 affected hosts with masscan”