A technical walkthrough of the 2025 Bundespolizei Capture The Flag competition, covering challenges in forensics, reversing, cryptography, and network analysis.
Auditing Google Cloud Platform (GCP) environments at scale presents unique challenges for security teams. This comprehensive guide introduces InSpec as the definitive solution for automated, continuous compliance. Get instant access to the open-source InSpec profile I maintain, and implement a streamlined, infrastructure-as-code approach to GCP governance and security validation.
An article about why sharing your Cisco running config file on public support forums may be dangerous. It starts with a general introduction to secrets found in running configs, highlights the process of harvesting configs using metagoofil and decrypting the password hashes.
A wee writeup about the SMB enumeration tool smbscan, which I had recently discovered on GitHub. The post introduces SMB, highlights the functionality of smbscan, and provides practical insights for uncovering hidden shares, finding sensitive files and auditing permissions.
A wee writeup of a security analysis of an LSC 1080P IP Camera sold by Action. The posts summarise multiple vulnerabilities we could identify including weak encryption of passwords, lack of authentication and inappropriate hardware hardening.
A wee writeup of an SQL injection vulnerability I had found within the open-source ChurchCRM CRM software. This vulnerability allows logged-in users to completely compromise the database.
In this post I will explain how I used a Nvidia Tesla T4 GPU rented from Google Cloud Platform to crack NTLM hashes using hashcat and John the Ripper at blazing speeds.
In this post I will present an API Documentation of the РЖД I had documented over at Postmans documenter and give an example how Python can be used to query data about Russian Railways.
I recently got myself a Canon ScanFront 220p Scanner to empower my efforts to quickly digitalize a huge amount of documents, which I’d carefully accumulated through the past couple of years. While my scanner, which I got for 42 € of eBay Kleinanzeigen was from a technical point in great conditions, I know it had one “minor” software issue: It wouldn’t boot.
In this blog-post, I’d like to give you a first introduction on how we can search for flights using Python and the Kiwi API. Excited? Let’s get started💻🖱️.
As you’d probably figured out by now, traveling is a big passion of Markus and mine. However, as students, our travel budget has some serious constraints.