rastating boosted

If you have a .org domain name: go renew it now. For the full 10 years.

Registration rights for .org were just bought by a private equity firm. And as part of that contract, the price caps were removed.

Anything in .org will get much more expensive, soon.

A ten year renewal will cost you a bit over a hundred bucks. Which is probably less than one year will cost you in the very near future.

theregister.co.uk/2019/11/20/o

rastating boosted

If anyone fancies hacking on some open-source software, I built a little package last month for managing web browser access rules. If you want to poke at it, feel free to report any vulns on the GitHub issues, as there is only me using it.

I will most likely remain the only user too I suspect, as it caters to a rather niche requirement, but figured it was worth open-sourcing in case it does help anyone!
github.com/rastating/chweb-ser

rastating boosted

Pushed a small update to Shiva - few new packages and some shell functions I use quite frequently during recon. Release notes here: github.com/rastating/shiva/rel

rastating boosted

If you've not come across Shiva before, check it out on GitHub :) It's an Ansible playbook I put together for provisioning hosts for CTF / bug bounty work: github.com/rastating/shiva

Show thread

If you've provisioned a host with Shiva and are getting errors when trying to run `apt update` around the Metasploit repo, make sure to grab the latest MSF PGP keys by running: `apt-key adv --keyserver keys.gnupg.net --recv-keys CDFB5FA52007B954`

There was a small bug when I posted this yesterday causing CNAMEs to be passed through to the target list in masscan. This is fixed now :) github.com/rastating/dnmasscan

Show thread

The lack of built in GIF searching in Mastodon has made me realise I express my feelings with GIFs too much.

rastating boosted

Nice Adobe open redirect actively being used in phishing campaigns right now.

check your logs for reqs to t-info.mail.adobe.com

Will attempt to report to Adobe but apparently open redirects are out of scope.

Wrote a little script to resolve larger lists of domains and then run them through masscan asciinema.org/a/269108

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.