Twenty years ago… I decided to start a blog to share my thoughts! That’s why I called it “/dev/random”. How was the Internet twenty years ago? Well, there were good things and bad ones… With the years, the blog content evolved, and I wrote a lot of technical stuff related
“TorWitness” Docker Container: Automated (Tor) Websites Screenshots
The idea of this Docker container came after reading the excellent Micah Hoffman’s blog post: Dark Web Report + TorGhost + EyeWitness == Goodness. Like Micah, I’m also receiving a daily file with new websites discovered on the (dark|deep) web (name it as you prefer). This service is provided by @hunchly
How Shared Hosting Can Affect Your Reputation?
A quick blog post about the risks associated with shared hosting solutions. Today it’s very easy to rent some space on the intertubes. There are tons of companies which give you some gigabytes of storage and bandwidth for a few bucks per month. It’s easy as 1-2-3, even Granny is
WordPress GET Requests Flood?
Let me share this story with you. I faced a strange incident last Saturday. My web server was flooded with thousands of GET HTTP requests generated by WordPress blogs. Those connections apparently seemed legit. The “attack”, let’s call it like this in a first time even if I don’t think
The Cobbler’s Children Go Barefoot Also in Security
The title of this quick post says all… even more in the security field! This story has been reported by a friend of mine. His wife would like to dispute a transaction made with her credit card. Never a funny story but it may always happen! (my own card was also
Kicking Out Bots with ModSecurity
If you are the administrator of an online forum, a wiki or any website which accepts user data, you probably also know this feeling: Bots are a pain and fighting them looks like an endless loop! Your websites are constantly scanned by bots which try to create fake accounts then
The Side Effect of Typo Errors
Typographical errors (or ‘typo’ in short) are very common since the invention of the printing press. It started with people inverting block letters in movable type. Still today, we can find plenty of them in books, newspapers or any other visual media, but also on the Internet. In classic (old) media, this
mysql.com pwn3d… so what?
This is probably the breaking news of this weekend on security blogs and websites: mysql.com and other related sites have been compromised! This was disclosed via an e-mail sent to the full-disclosure mailing list (copy here). If you take the time to read the message, you will learn that the
You Like? Spammers Like You Too!
Our best worst friend Facebook is full of resources. Not only for attackers but also spammers. The “I like” button became very popular on many personal (blogs) and professional websites. Basically, the purpose is simple and efficient: If you are logged on Facebook and visit a website which proposes an
URL Filtering with Squid
Next to my digital life, I’m also the happy father of two young girls. The first one is already ten years old and smoothly discovers the “Wonderful Internet”. Being an Infosec guy, it sounds logical for me to implement some safeguards. First, leave the technical stuff aside and talk! Some