Hacking a Cheap Temu WiFi Camera I recently got my hands on a cheap Temu WiFi camera made by Jooan. I figured I will attempt to hack this cheap Temu WiFi camera and stumbled upon an authentication bypass vulnerability. The vuln is pretty much because authentication verficiation is done client Read more…
Cloudflare Tunnel on Oracle VM in a Docker Container I could not get cloudflared to work on my Oracle VM when running it as a Docker container. I could see the tunnel is connected in Cloudflare Zero Trust, but I could not successfully expose an application running as another docker Read more…
Creating an Edge Agent in Portainer CE is way more complex that it should be. I will explain how to get Portainer Edge Agent to work vir Cloudflare Tunnel. Portainer Server Docker Compose Make sure you expose port 9000 and port 8000 on your container server. Your compose file should Read more…
Bettercap ARP Spoof and DNS Spoof Disclaimer: Only perform pentests on your own network or networks you are authorized to test. Bettercap is great tool pentesting tool to perform ARP spoof and DNS spoof attacks, also known as Man in the Middle Attacks (MITM). However, it has tons of other Read more…
Mikrotik Wireguard I have a requirement to have a separate Wireless network that will by default route all traffic over Wireguard. I will be using Surfshark VPN. Step 1: Get a key pair from Surfshark for the Wireguard config Log onto Surfshark, click on VPN, then Router, then Wireguard, then Read more…
ScubaGear – Secure Cloud Business Applications (SCuBA) Secure Configuration Baseline ScubeGear was released by CISA and assesses your Microsoft Cloud against “Secure Cloud Business Applications” (SCuBA) baseline policies. More can be found on CISA’s Github: https://github.com/cisagov/ScubaGear This post will serve as a quick starting guide. Download the ScubaGear Powershell application Read more…
Wireless Penetration Testing Disclaimer: It is a good idea to test your own personal wireless network or your company wireless network. Do this at your own risk and make sure you have permission to do the below. The tools we will use Tool Purpose airmon-ng Get your wireless NIC into Read more…
Metsaploit – Getting Started Dislaimer: The below article is meant to get you started with the basics, i.e. set up metasploit and run your first scan. You do this at your own risk, and make sure you have permission from the network owner before you do anything. Better yet, do Read more…
OpenVAS in Kali Linux OpenVAS is a free Nessus alternative for vulnerability scanning that you can easily set up in Kali Linux. Things can be a bit confusing, hence this tutorial to simplifying it. Disclaimer: Only scan networks you are authorized to scan. Take note that vulnerability scanning can sometimes Read more…