I love food. This means that I'm bound to compete for reservations at good restaurants with the the hipsters that are native to San Francisco. This is a peek into the arms race going on in restaurants reservation right now.
Once in a while I open wireshark and just look at my baseline traffic. It's useful for when I actually want to find something weird to quickly distinguish between what's normal and what looks fishy.
Chances are that you have, at least once in your life, deleted files that you had no backups of. This is the story of how I partially recovered some of my files after deleting them on a Linux ext4 filesystem.
I've been noticing for a while a huge delay when opening new tabs on iTerm (or terminal.app). This would range from 3 to 7 seconds when opening a new tab. It was driving me nuts.
There have been hundreds of articles about the recent password hash leaks from Linked-in and eHarmony.
One particular detail that most of these articles seem to have in common is the fact that they point at the inexistence of a 'salt' as the security mistake that made this leak particularly damaging…
This tool essentially outputs a list of exploits that you might want to try out after you gain local access to a host. Nothing you cannot do manually, and not the most brilliant tool ever but still, useful.
Services like pastebin.com are useful for sharing and discussing code. However, people trust the generated URLs to be unknown to anyone else, other than the people we want to share them with. This false sense of security brings us to this post: sensitive information being shared with the world, unintentionally.
Sometimes, this is all you need:
glow:~ dmonica$ python -m SimpleHTTPServer 8000
Serving HTTP on 0.0.0.0 port 8000 ...
This simple command has saved me hours of precious time. I've even used it to transfer files between multiple hosts (HTTP server on one end, one wget on all the other hosts). More details here.
Sniffing in OS X has been a reality for quite some time, thanks to the effort of people like the guys from Kismet and KisMAC...
I've just released a tool called py-cookieJsInjection on github (see Part II of this post here).
It can be used to sniff and replicate any cookies going on the wire or to filter out specific information, such as Facebook profiles