
Category: Security

OWASP Attack Surface Detector Project

When I did a short work stint at Secure Decisions in 2018, one of the projects I got to work on was helping to create the Attack Surface Detector plugin for ZAP and Burp Suite. I left that position before the project got published, but I am happy to see that it was a success.

Here it is in all its glory.

From the OWASP description:

The Attack Surface Detector tool uncovers the endpoints of a web application, the parameters these endpoints accept, and the data type of those parameters. This includes the unlinked endpoints a spider won’t find in client-side code, or optional parameters totally unused in client-side code. It also has the capability to calculate the changes in attack surface between two versions of an application.

There is a video that demonstrates the plugin, and yes, that is me doing the voice-over.

Kali Linux Dockerfile

Since recently discovering there is now an official Kali Linux docker image, I’ve been fiddling with it and tweaking my own setup to get it to how I like it for the things I use it for. I have a work version and a personal version. What follows is my personal version, used mostly for R&D, CTF challenges, and bug hunting in my free time.

My Kali Dockerfile (for Mac)

# The Kali linux base image
FROM kalilinux/kali-linux-docker

# Update all the things, then install my personal faves
RUN apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y && apt-get install -y \
 cadaver \
 dirb \
 exploitdb \
 exploitdb-bin-sploits \
 git \
 gdb \
 gobuster \
 hashcat \
 hydra \
 man-db \
 medusa \
 minicom \
 nasm \
 nikto \
 nmap \
 sqlmap \
 sslscan \
 webshells \
 wpscan

# Create known_hosts for git cloning things I want
RUN mkdir /root/.ssh
RUN touch /root/.ssh/known_hosts
# Add host keys
RUN ssh-keyscan >> /root/.ssh/known_hosts
RUN ssh-keyscan >> /root/.ssh/known_hosts

# Clone git repos
RUN git clone /opt/seclists
RUN git clone /opt/powersploit
RUN git clone /opt/hashcat
RUN git clone /opt/linenum
RUN git clone /opt/dirsearch
RUN git clone /opt/sherlock

# Other installs of things I need
RUN apt-get install -y \

RUN pip install pwntools

# Update ENV
ENV PATH=$PATH:/opt/powersploit
ENV PATH=$PATH:/opt/hashcat
ENV PATH=$PATH:/opt/dirsearch
ENV PATH=$PATH:/opt/sherlock

# Set entrypoint and working directory (Mac specific)
WORKDIR /Users/wchatham/kali/

# Expose ports 80 and 443
EXPOSE 80/tcp 443/tcp

Build it

docker build -t yourname/imagename path/to/theDockerfile 

(Don’t actually put ‘Dockerfile’ in the path.) Do change ‘imagename’ to something apropos, such as ‘kali’.

Run it

docker run -ti -p 80:80 -p 443:443 -v /Users/yourname/Desktop:/root yourname/imagename

The above examples require you to replace ‘yourname’ with your Mac username.

-ti: Indicates that we want a tty and to keep STDIN open for interactive processes

-p: Expose the listed ports

-v: Mount the defined folders to be shared from host to docker.

Hope that’s useful to someone!

Hat tip:

Online Safety: Top Tips for Parents

Each generation of parents has something different to worry about — something that has changed since they were young. You might have had internet access when you were a teenager. It might have been an invaluable source when it came to tackling big homework projects, and you might have even made friends in the odd teen-friendly chat room. But, times have changed, and most of us look back glad that social media wasn’t a big deal when we were younger.

You might have had a Facebook page. But, the internet wasn’t like it is now. Nowadays, it’s a massive part of everyday lives. We’ve all heard horror stories about children and teenagers being bullied online and about the darker parts of the internet we’re all keen to avoid. As a parent today, the internet is one of our biggest concerns as our children grow. Even very young children have tablets and some level of internet access, which only grows as they do. Let’s take a look at some tips to help you to keep your family safe online.

Explore Together

Remember, it’s better that your children learn about the internet with you, instead of picking up bits and bobs here and there. When they are young, and first getting online, do it together. Show them some websites and apps that you think they’d enjoy and give them a little freedom to explore with you.

Put Safety Measures in Place

However much you trust your children, it’s never a good idea to let them out on the web alone without putting any safety measures in place. Set parental controls on younger children’s devices. Turn off in-app chat and location settings, and use your own app to monitor their usage; these are inexpensive and widely available. For older kids, you might want to speak to them about setting their own safety and explain the importance of keeping some things private and hidden.

Talk About the Risks

You won’t want to tell very young children the worst horror stories out there. But, you can explain to slightly older children that the internet can be dangerous. You can tell them about people trying to contact them online and explain some of the risks. Tell them what they need to watch out for, and teach them how to report any suspicious activity.

Don’t Be Too Critical

If you are too critical, or too overprotective, it will become a secret. They’ll start to hide their internet usage from you. They’ll spend their time online behind closed doors. They won’t want to speak to you about it, and they won’t be comfortable coming to you if they are worried. Remember, children are curious, and that’s fine. Try to be understanding and supportive, even if you are worried or don’t approve.

Encourage them to Trust Their Instincts

Instinct is essential when it comes to safety. If someone started talking to you online, you’d get a feel for the situation straight away, and it’s essential that your children learn to do the same.

Chat With Them

Take an interest in their usage. Ask about games they play and the sites they use. Let them tell you about the things that they enjoy, and take an active interest, even if it means you have to listen to too many Minecraft tales. It’ll help to keep your relationship open and honest.

The InfoSec World Has a Python 2.7 Problem

Welcome to 2019, everyone! The future is bright, and I am sure we will all experience a lot of fun and unexpected things in the world of security. So far this year, we haven’t seen anything along the lines of Spectre/Meltdown, which helped usher in 2018.

One thing I did realize is that the turning of the calendar to this new year, remarkably, means that there is less than one year until Python 2.7 is officially “unsupported.”

Just check the Python 2.7 Countdown clock if you don’t believe me. Everything should be well on the way to Python 3 by now. Or so you would hope.

I find it somewhat humorous (mildly) that the infosec community still relies so heavily on Python 2.7, given its impending doom. I still see new tools being actively developed in this version of Python crossing my news feed almost daily. So many things on Kali Linux rely on Python 2.7.

I have observed that longstanding, popular open source stalwarts of the trade have shown little interest in moving to 3.x.

I really have no idea what to do about this, other than encourage contributors to migrate, and to lend a hand if and where possible. But it’s getting really late, and I still have to use python2.7 far too much in my day-to-day pentesting and security research life.

How about a New Year Resolution?
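One way to see how much of a local tool collection still depends on Python 2, as an added example that is not part of the original post: the script below walks a directory of cloned tools and counts, per tool, the files with an explicit Python 2 shebang and the files that fail to parse under Python 3. The function names, category labels and sample files are assumptions made for this illustration.

```python
import ast
import re
import tempfile
import warnings
from pathlib import Path

PY2_SHEBANG = re.compile(r"^#!.*\bpython2(\.\d+)?\b")  # python2, python2.7
ANY_PY_SHEBANG = re.compile(r"^#!.*\bpython")

def classify(path):
    """Return None for non-Python files, else 'py2-shebang', 'py2-syntax' or 'py3-parses'."""
    text = path.read_text(encoding="utf-8", errors="replace")
    first_line = text.split("\n", 1)[0]
    if path.suffix != ".py" and not ANY_PY_SHEBANG.match(first_line):
        return None
    if PY2_SHEBANG.match(first_line):
        return "py2-shebang"
    try:
        with warnings.catch_warnings():
            warnings.simplefilter("ignore")  # old escape sequences only warn; ignore them
            ast.parse(text)
    except (SyntaxError, ValueError):  # e.g. print statements, `except E, e:`, backticks
        return "py2-syntax"
    return "py3-parses"

def inventory(root):
    """Count categories per top-level directory (one cloned tool each) under root."""
    root, report = Path(root), {}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        category = classify(path)
        if category is not None:
            counts = report.setdefault(path.relative_to(root).parts[0], {})
            counts[category] = counts.get(category, 0) + 1
    return report

def demo():
    """Inventory a constructed sample tree (made-up files, not real tools)."""
    samples = {
        "toola/scan.py": "#!/usr/bin/env python2.7\nprint 'hi'\n",
        "toola/util.py": "print 'legacy'\n",
        "toolb/run": "#!/usr/bin/env python3\nprint('hi')\n",
        "toolb/README": "not python\n",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, body in samples.items():
            target = Path(tmp, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body)
        return inventory(tmp)
```

A 'py3-parses' result only means the file is syntactically valid Python 3; it can still import Python 2-only modules and fail at run time. Call inventory() on the directory that holds your cloned tools to run it on real data.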

How To Protect Your Professional Reputation Online

Aah, the joys of social media. When you have a professional role, there are lots of things to think about, and your image across various platforms is one of them. No, we’re not talking about your actual image (although sure, you may want to get a haircut once in a while) we’re talking about how you’re perceived online, and as a result, within your community and profession. When it comes to protecting your reputation on the web, you need to follow a few steps, to make sure that you don’t cause yourself any trouble, and we’ve noted down a few easy ways that you can do this here.

Be careful what you tweet

Oh, Twitter. How we all love to have a little rant here and there, and how heated it can sometimes get when a disagreement arises. But as many professionals (and famous people) will tell you, those old tweets can come back around and haunt you. If you want to keep your reputation as clean as a whistle, make sure you’re not tweeting about anything that you wouldn’t say in a professional environment. Sure, you can tweet about how much you love eating cheese over the Christmas period, and nobody will hold it against you, but don’t tweet about how much you want to hit your neighbor with a baseball bat because of his loud music. It doesn’t look good.

Untag yourself

On sites such as Facebook and Instagram, your friends have the ability to tag you in pictures, which isn’t great news for your privacy. The issue here is that they probably find it hilarious that you got your arm stuck in a vending machine whilst you were steaming drunk, but your potential clients probably won’t. In fact, they will be quite worried about giving you their money if they see that you’re an off-the-rails individual where Instagram is concerned. Do yourself a favor, and keep these pictures between you and your buddies. The last thing that you want is for everybody to be asking you what happened on that night, especially when you can’t even remember.

Google yourself, and remove what isn’t too good

Ok, so it may sound like Googling yourself is a strange concept, especially if you’re not exactly, you know, Britney Spears. However, if you’re part of a big business or you have a large social media following, you’re going to have to say goodbye to anything that may not bode too well when it comes to your reputation, and Google is a good place to start. Whilst many images on the search engine don’t belong to them (as they don’t own the sites), there are still ways that you can get around it if Google won’t remove an image. You can get in touch with whoever runs the website, or you can try a method like suppression if they’re not willing to budge and Google won’t help.

Keep things set to private

Sure, you may feel like you should share some of your personal life online, but make a distinction between the personal and professional where you can. If there are some things you’d rather share with close friends and family, then have a Facebook account set to private, and separate it from all of your other public accounts. You don’t have to use your company accounts to share your own private thoughts (keep them business), and you can even use a different name for your personal ones if you only want to keep things between you and your loved ones. Take some time to secure your social media, and your other online profiles, too. You won’t regret it when you’ve saved your reputation.


There are many ways to protect your reputation online, and one of them is being careful about what you tweet. Instead of going all out and writing what first comes to mind, take a moment to reflect on whether it is necessary, and whether it will damage your reputation. You can also untag yourself from any unprofessional photos, and remove pictures from Google if you don’t want them to be the first thing that people see. Lastly, set some accounts to private, and keep the information there between friends. This will help you to separate the personal and the professional.

Whatever you decide to do, your reputation is greatly important as a professional, and is something that you should take seriously if you want to be successful. Follow these simple tips if you want to make sure that it’s the best it can be, and that you have a reputation that precedes you (a good one, that is…).

4 Surprising Everyday Tech That Can Misuse Your Data

According to a Clark School study at the University of Maryland, there is, on average, a hacking attack on computers happening every 39 seconds in the United States. The study doesn’t quantify how many attacks occur on other devices, but it’s fair to say that hackers are an innovative and hard-working bunch. Your smartphone and your favorite everyday gadgets can also become a target. In fact, by 2020, it’s expected that the Internet of Things will reach around 200 billion connected devices in the US alone. To put things into perspective, there are already 25 connected devices per 100 inhabitants. The trend is expected to continue to grow. After all, when you think about it, you probably already have not far from 25 devices just for yourself. From your fitness tracker to your smart home system, modern households have made themselves more and more vulnerable to data breach attempts. How so, you ask? By increasing the reliance on IoT devices for everyday activities. The question is not whether your data are safe, but how your IoT data can be misused against you. The chilling answer you might not have expected is that some of your favorite gadgets could be the source of data (mis)interpretation. Your home is not data-safe; on the contrary!

Don’t let your ISP track your activities

Cybercriminals keep an active eye on innovative technologies to access loosely protected data – or data without any form of protection. Not only businesses but also individuals are vulnerable to hacking attacks. From using unreliable security software packages that fail to protect you to lacking common sense when you receive suspicious emails, you need to educate your household on the best way of managing your data privacy. However, what you may not know is that your Internet Service Provider, or ISP for short, can gain full access to your location, your searches, and your browsing history. While it shouldn’t matter, legal authorities can demand to see those data or can be alerted in the event of questionable activities. Admittedly, while this might be advantageous to target terrorists and other criminals online, you could be exposed to legal action for something as innocent as essay research about controversial topics. Additionally, your geolocation can block access to specific content. The addition of a free VPN to your household network can ensure that your data are not getting used against you. A virtual private network will hide your data from the ISP.

Don’t let Alexa order anything on your behalf

Alexa, the voice assistant Amazon introduced to the market a few years back, has made a reputation for itself by helping you to organize your household and your online orders. But this apparently useful gadget has also developed a nasty habit: it can place orders on your behalf without your knowledge. Does it mean Alexa has developed a form of intelligence of its own and can make decisions for you? Of course not. Alexa is and remains an AI tool that learns from its contact with you but never enough to become its own ruler. These unexpected orders are the results of data mishaps on Alexa’s part. The most famous story is about a little girl in Dallas who started a conversation with Alexa about cookies and a dollhouse, which led to the accidental order of the dollhouse. When the news reported the incident, Alexa devices picked up on the news segment and ordered further dollhouses, proving that the device is always listening.

Your fitness tracker reveals the location of secret military bases

Your fitness tracker might be your best ally if you’re trying to get in shape, but it knows far too much about your life to be trusted. Wearables are designed to collect data at all times, aggregating information and giving companies access to analyze your performance and that of the devices. And that’s precisely where the problem lies. Users of the Strava app realized that the heatmap could reveal not only the location of military bases but also the names and APIs of the individuals on each running route. In short, a fitness tracker could expose the entire position and routines of the armed services. Who needs spies anymore?

Don’t let burglars know about your habits

Who doesn’t love the ease of use and comfort of a smart home installation? But you might reconsider your choices when you discover that your smart home data could be used against you. Indeed, experienced hackers could gain access to your smart data, discovering your home routine and, more importantly, the times when you’re not at home. From ransomware attacks that threaten to take over your house to targeted burglary, a smart home does not mean a safe home.

Can you trust your everyday tech? While it doesn’t mean you shouldn’t use any device that connects to the IoT, it’s fair to say that exercising caution and common sense should be your default position at all times.