Recon what?!

It was entertaining watching people attempt to get past Security @ Blackhat without a badge. Apparently, there are those who have forgotten how to do reconnaissance. When performing reconnaissance of a sensitive target, it is best to survey many times. Foremost, it helps to identify patterns. However, surveying multiple times also increases the chance of being detected. Try to avoid the below issues and you will be on a path towards success.

Do not get caught:

HOPE Slides, ICanStalkU, Datasets, and Privacy

It's been a whirlwind few weeks at the labs. First off, we have received plenty of media coverage regarding ICanStalkU lately: New Scientist, CNET, and the BBC.

Response to Nicholas Butler and the Social Media White Noise podcast

We recently changed our @ICanStalkU Twitter account to provide more than just statistics regarding the number of photos we have analyzed. In addition to the statistics, we also started @-ing people who posted geo-tagged photos. In order to not be totally spammy and unrelenting, we rate-limited it to one unlucky person per hour, and the person @-ed is the last person we analyzed. The choice is more-or-less luck of the draw, as we have no input on who is chosen.

Upcoming presentations at The Next HOPE

We would like to announce that Mayhemic Labs has two upcoming presentations at The Next HOPE July 16-18, 2010 at The Hotel Pennsylvania in New York City:

Continuing on with free static source hacking

Many eyes are better than one?

I was reading my Twitter feed and read this quote:

"…there is no reason to believe that the many eyes inspecting (open) source code would be successful in identifying bugs that allow system security to be compromised…" – Michael Warfield.

I couldn’t disagree more. But instead of writing some blog post or some rant on script kiddies, I decided to do something about it.

New versions of the malicious hosts list and DNS scraper

Over the past few days, we've made updates to the malicious host list and DNS scraper. The main feature is that we've started to classify hosts on the lists as "problematic" (have a high probability of being false positives), and the DNS scraper will ignore these by default. According to our testing, these changes to the list should not affect the older versions of the script. However, if you are having issues, please contact us.

ICanStalkU - Attempting to raise awareness about inadvertent information sharing

Everyone loves to post things to their Twitter account. Every day, people post things about the minutiae in their lives, from where they had lunch to what their kids are doing. People are also using services that allow them to post photos of these things. Because after all, a picture is worth a thousand words and isn't limited to 140 characters. This seems great, but did you know that for a lot of folks, whenever they post a photo of their lunch or kids, also included in their thousand words are details about the exact location where they took the photo?

Installing the Metasploit Framework on the iPad

The iPad is hailed by Apple to be a "Magical and revolutionary" device. Whether or not that is true is a matter of heavy debate. Personally, I don't think so. But it IS a very interesting platform for penetration testing.

Grab your iPad's SHSH while you can

First off, what is an ECID and SHSH and why do you care? via "Well “ECID” stands for Exclusive Chip ID. This is a unique chip identification that is different for every iPhone 3GS and iPod Touch 3g. When you restore your device, iTunes contacts the Apple servers, to generate signatures (SHSH), just for your device. It is widely thought that this is a new security feature, implemented to stop jailbreaking of future firmwares."

