James Woolley

@Xtrato

Followers: 2K | Following: 522 | Media: 38 | Statuses: 429

Interested in Network security and Technology

Herefordshire, England
Joined March 2008
@Xtrato
James Woolley
24 days
I recently created a VNC honeypot. Many people asked me how I went about setting it up, so I've created a blog post describing the process. You can read about it at:.
@Xtrato
James Woolley
2 months
The server has been configured to automatically record an established VNC session. It logs the IP address that connected and the time, then saves the recording into a folder that I pull down every few days. A snapshot of the VM is taken, which gets reverted once they disconnect.
@Xtrato
James Woolley
2 months
Most of the other interactions consisted of people connecting, then checking the resources on the server, and for applications like nvidia-smi. (Presumably to see if it can be used to mine crypto). Before disconnecting once they realised it had 1GB of RAM and 1vCPU.
@Xtrato
James Woolley
2 months
I left a server online with VNC wide open to see how it would be interacted with. This is one of the more interesting interactions:
@Xtrato
James Woolley
8 months
RT @jarrodWattsDev: Someone just won $50,000 by convincing an AI Agent to send all of its funds to them. At 9:00 PM on November 22nd, an A….
@Xtrato
James Woolley
11 months
Been playing around with analysing IOT firmware. Just had my first successful NAND dump from a BT Smart Hub 2.
@Xtrato
James Woolley
1 year
RT @birchb0y: Interesting note on the #xz backdoor: . If you plot Jai Tan's commit history over time, the cluster of offending commits occu….
@Xtrato
James Woolley
1 year
Seen these @DeterTech_UK Armadillos in quite a few places over the past couple of years. I would love to test the security of them! They look really interesting.
@Xtrato
James Woolley
1 year
Recently started using a T-Beam LORA radio. I live in an area where there aren't any others around. I was very surprised to see just now another one nearby apparently onboard FR1175 to Portugal. Even managed to send a quick message and get a reply. #meshtastic #lora
@Xtrato
James Woolley
1 year
RT @Jonas_B_K: ADCS attack paths in BloodHound! 🥳. This blog post breaks down the implementation of the ESC1 requirements and guides you on….
posts.specterops.io
Since Will Schroeder and Lee Christensen published the Certified Pre-Owned whitepaper, the BloodHound Enterprise team at SpecterOps has…
@Xtrato
James Woolley
2 years
Has anyone attempted to dump the firmware off a BT Smart Hub 2? I'm using a CH341A to dump it. Binwalk is reporting "LANCOM firmware loader" but no files to extract. Command output in link below. I'm happy to send the firmware dump to anyone who can help.
@Xtrato
James Woolley
2 years
RT @techspence: My goto AD toolbelt: PowerView (custom), PrivescCheck (custom), PingCastle, ScriptSentry, Spray-Passwords (custom), SpoolSample….
@Xtrato
James Woolley
2 years
RT @0xor0ne: Home router (SOHO) hacking. Presentation slides (HITB2023). Credits @NCCGroupInfosec. "Your not so Home Office - SOHO Hacking at….
@Xtrato
James Woolley
2 years
RT @Kostastsale: This is a pretty nice graphic explaining how Kerberos Auth takes place. Useful to have as a reference when you have to e….
@Xtrato
James Woolley
2 years
RT @bltjetpack: After about a year of work in off-hours, S3Scanner has been rewritten in Go! 🎉. Check out the newest version here: https://….
@Xtrato
James Woolley
2 years
RT @NIBunker: Today is the culmination of 13 years of work. I have installed the final piece of operational equipment in the bunker. The Sm….
@Xtrato
James Woolley
2 years
DLL hijacking using cscapi.dll loaded by explorer.exe. It's a very basic example and a good one to try in a lab if new to the DLL hijacking process. I've done a short write-up about it if interested.
ja.meswoolley.co.uk
Once privileged access has been achieved on a target machine the next step tends to be maintaining persistence. If the target is restarted or a new user logs in, you want to maintain access to the...
@Xtrato
James Woolley
2 years
RT @DailyDarkWeb: Penetration-List. A comprehensive resource for testers, covering all types of vulnerabilities and materials used in Penet….
@Xtrato
James Woolley
2 years
RT @BushidoToken: 🆕 Blog - Investigating SMS phishing text messages from scratch 🔍. A guide to practice doing some research for budding ana….
@Xtrato
James Woolley
2 years
RT @7h3h4ckv157: BypassAV 🔥📢. This map lists the essential techniques to bypass anti-virus and EDR. #infosec #Hack….