Pouet épinglé

Dear entities of Pouet.it, inscriptions are currently disabled for an undefined time. They are invitation only, any user can accept invitations, so if you are already here, you can accept requests. We had a number of bots massively registrating two times already and we don't want to manage that. As we are on holidays, we are not taking care of this, we'll think of a solution after. Any input welcome. Your admins, @piks3l and @gllmhyt

Currently doing that IR exercise and it is such a load of fun dfirmadness.com/the-stolen-sze

omg, there are so much knowledge to mix up there

Hey there!

We just released an important iteration on our current 4.2 testing !

- ✨ UI/UX fixes and improvements in the new webadmin
- 🔑 SFTP and SSH permissions
- 🚑 Many improvements on backups

We're looking for moar feedback from beta-testers, aiming for a release in the coming weeks 😜 !


Afficher le fil de discussion

big computer god, give me strength to go through the whole week of DNS requests and have to ponder whether those are malicious or not

Afficher le fil de discussion

it's funny how some people just seem to be competent because of how aggressive they communicate

on another note, I'm almost at the rocket stage on factorio and this is pretty cool

now I can expand and mega base the hell of that world ;D

(i play in peaceful mode, because violence is not the answer)

then from there, it's field work.

Remember the difference between science and doing random shit is writing things down

Afficher le fil de discussion


But phishing and scams rarely got for long, if the page on urlscan is weird enough, you can consider it to be malicious



click on links

or visit malicious website

without proper protection

(sandbox + VPN)

Afficher le fil de discussion

Did you get a spam a you're wondering how to check if it's legit?

* hover on any link and check the link address. DO NOT CLICK ON IT
* if the stuff look weird, right click to "save link address"
* do a first run in a search engine by setting quote paste your link quote. This will search your link as a text and search engines such as google will not try to go to it
* is it a website? check the website on urlscan.io/
* check on virustotal.com/gui/ to see if there have been...

i don't have the faith to spend another week classifying DGAs -_- please send me your spam, I'd better run regexes and build ClamAV rules

If you're interested in analysing phishing kits, there is this github repo: github.com/danlopgom/phishing_

let me know, it's always funnier with people :))

Afficher le fil de discussion

wallet code here: blockchain.com/btc/address/bc1 you see there was actual payments :O and then the money it sent through other wallets.

* A lot of ads and weird stuff. Bare in mind when sending them to me that if they are older than 3 weeks it's possible they have been taken down and the lead would be cold.

Anyway, that was a lot of fun! I'll be happy to keep looking.

Stay aware and safe, check the links you click on!

Afficher le fil de discussion

look here: urlscan.io/responses/d43e9f0aa You can see a malicious JS that will skim some of your data. At that moment I didn't find actual malware, it was more close to a data stealer from user input. Here what was interesting was the amount of redirects that the website was operating. Next time I find something like that, I will try to map the route.

Interestingly, the pages were down 2 days after the scan.

* There was a usual: "i caught you masturbating, send me bitcoins" If you look for the (...)

Afficher le fil de discussion

So last week I asked you to send me some spams you received for analysis. Thank you a lot for your participation! <3 A lot of you send me really cool stuff.

In terms of findings, it was quite thin though, here a a couple of findings:

* A big Amazon spam, was sent to me. You can see the urlscan result here: urlscan.io/result/19eb86cd-539 in terms of modus operandi, it was quite simple, you get a form and fill it up and the page will ask you for more information. If you (...)

The Tor Project is hiring for two positions: a Systems Administrator and a Browser Developer. Share these opportunities with your networks:

Plus anciens

piks3l 🏳️‍🌈🏴‍☠️ recommande :


Le réseau social de l'avenir : Pas d'annonces, pas de surveillance institutionnelle, conception éthique et décentralisation ! Possédez vos données avec Mastodon !