The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

Archive for the ‘Security’ Category

Be inquisitive: a Thread by @cyb3rops on Thread Reader App – The act of hiding is often more suspicious than what’s being hidden.

Posted by jpluimers on 2025/11/19

[Wayback/Archive] Thread by @cyb3rops on Thread Reader App – Thread Reader App

If your agent gets flooded – detect the flooding.
If code gets obfuscated – detect the obfuscation.
If ETW gets silenced – detect the silence.
If the EDR gets killed – detect the killing.
If logs get cleared – detect the clearing.

The act of hiding is often more suspicious than what’s being hidden.

It’s like a surveillance camera going black or freezing.
That is the signal.
I’ve been doing this successfully for years.

I detect obfuscated crap all the time.
People ask, “What is it?”
I say, “No fucking clue. Could be:
– a Themida-packed sample with a Microsoft copyright,
– a UPX-packed ELF with a 1-char filename,
– a PowerShell script that looks like static noise, or
– a fake svchost.exe with no Microsoft copyright.”

I don’t need to know what it is.
It’s obviously shady.
That’s enough to detect it – and deal with it.
There’s a Chinese saying that fits perfectly: 欲蓋彌彰
The more you try to hide it, the more obvious it becomes.

--jeroen

Posted in Blue team, Development, DevOps, LifeHacker, Power User, Red team, Security, Software Development

EGBG tegenscript (via Angrynerds 023)

Posted by jpluimers on 2025/11/19

For my link archive: a script against telemarketers: [Wayback/Archive] EGBG tegenscript

In particular these parts of the page:

Via [Wayback/Archive] Angrynerds 023 – YouTube

--jeroen

Posted in LifeHacker, Power User, Security

Cyber bands and related stickers – loet.bar + ZBF

Posted by jpluimers on 2025/10/27

[Wayback/Archive] Cyber – loet.bar + ZBF examples

Posted in Cyber, Fun, Power User, Security

Fraudehelpdesk receives large number of reports about fraud phone calls – Security.NL

Posted by jpluimers on 2025/10/03

[Wayback/Archive] Fraudehelpdesk ontvangt groot aantal meldingen over fraudetelefoontjes – Security.NL

I had already noticed myself that the number of SPAM calls had increased enormously: 2025 first quarter (our winter): a set back in energy, slowly getting back, taking preventions to keep this from happening again

Apparently I am not alone in this.

--jeroen

Posted in About, Personal, Power User, Security

i-am-shodan/USBArmyKnife: USB Army Knife – the ultimate close access tool for penetration testers and red teamers.

Posted by jpluimers on 2025/09/30

Now that I got pointed to this twice (see “Via” below), I need to get one so I can play with it: [Wayback/Archive] GitHub – i-am-shodan/USBArmyKnife: USB Army Knife – the ultimate close access tool for penetration testers and red teamers.

Via:

Posted in *nix, *nix-tools, Blue team, Bluetooth, Development, Encryption, ESP32, Hardware, Hardware Development, Hardware Interfacing, Home Audio/Video, HTTPS/TLS security, Infosec (Information Security), Network-and-equipment, Power User, Red team, Software Development, WiFi, Wireshark

DeCENC is yet another way to beat Amazon, Netflix video DRM • The Register

Posted by jpluimers on 2025/09/12

From a while ago. I wonder what the current state is.

[Wayback/Archive] DeCENC is yet another way to beat Amazon, Netflix video DRM • The Register

--jeroen

Posted in Development, Encryption, Media, Media Streaming, Power User, Security, Software Development

vx-underground (@vxunderground) / Twitter

Posted by jpluimers on 2025/09/09

I thought I had been living under a stone for decades when I bumped into vx-underground (@vxunderground) / Twitter

The largest collection of malware source code, samples, and papers on the internet.

Password: infected

That appeared to be untrue as vx-underground, run by a team of volunteers, started in 2019 ([Archive] web.archive.org/web//vx-underground.org) right when a few crises in my life came together at the same time.

So here are the links for my archive as they are great content for both Red Teams and Blue Teams on many things cyber security related:

Posted in Blue team, Pen Testing, Power User, Red team, Security

In case I need a small 5-port managed switch that can do port-mirroring: GS305E | Easy Smart Managed Essentials Switch | NETGEAR Support

Posted by jpluimers on 2025/08/13

[Wayback/Archive] GS305E | Easy Smart Managed Essentials Switch | NETGEAR Support which can do many-to-one port mirroring.

This is a newer and cheaper hardware revision than the:

  • GS105Ev2 (which is managed and can do port-mirroring, and is confusingly sold as GS105E-200) which in Germany already is end-of-life
  • GS105Ev1 (which is unmanaged and cannot do port-mirroring and is confusingly sold as GS105E-100) which is end-of-life but still sold

Via [Wayback/Archive] Everyone Should Have One of These – EASY Packet Capture! – YouTube who explains very well why you need a switch that can do port-mirroring, then recommends the GS105E but forgets to mention:

  • there are different revisions of the GS105E with the above drawbacks
  • there is GS305E

Related:

Posted in Blue team, Communications Development, Development, Ethernet, Hardware, Internet protocol suite, Network-and-equipment, Power User, Red team, Security, Software Development, TCP, UDP

html – What can cause Chrome to give an net::ERR_FAILED on cached content against a server on localhost? – Stack Overflow

Posted by jpluimers on 2025/08/07

On my research list [Wayback/Archive] html – What can cause Chrome to give an net::ERR_FAILED on cached content against a server on localhost? – Stack Overflow

The reason was that back then this would fail (but worked in Firefox and Safari, and because I was in a hurry I didn’t research further): [Wayback/Archive] https://www.office.com/

This site can’t be reached

The webpage at https://www.office.com/ might be temporarily down or it may have moved permanently to a new web address.

ERR_FAILED

Thanks [Wayback/Archive] Mason Wheeler and [Wayback/Archive] Joel Davey.

Details:

Posted in Chrome, Communications Development, Development, Encryption, HTTP, https, HTTPS/TLS security, Power User, Security, TCP, TLS, Web Browsers, Web Development

GitHub – minvws/horsebattery: A password generator inspired by https://xkcd.com/936/

Posted by jpluimers on 2025/07/22

[Wayback/Archive] GitHub – minvws/horsebattery: A password generator inspired by https://xkcd.com/936/

Inspiration: [Wayback/Archive] xkcd: Password Strength

Curated Dutch word list: [Wayback/Archive] horsebattery/config/nl/word-list.txt at main · minvws/horsebattery · GitHub

Via: [Wayback/Archive] Discord

--jeroen

Posted in Development, Passwords/manages, PHP, Power User, Scripting, Software Development