audibleblink

var newNew = function(constructor, args) {
    var instance = Object.create(constructor.prototype)
    // instance.__proto__ = constructor.prototype  // Same as line above
    instance.constructor = constructor  //  So that you can see who created this.
    constructor.apply(instance, args)  //  Same as #call except args is an arrray with apply
    return instance
}

audibleblink

[1]: https://www.udemy.com/swift-learn-apples-new-programming-language-by-examples/
[2]: https://www.udacity.com/course/ud585
[3]: http://www.lynda.com/Swift-tutorials/Swift-Programming-Language-First-Look/182175-2.html
[4]: https://www.bloc.io/swiftris-build-your-first-ios-game-with-swift
[5]: http://www.bignerdranch.com/we-teach/how-to-prepare/ios-device-provisioning.html
[6]: https://parse.com
[7]: http://www.weheartswift.com/swift-programming-scratch-100-exercises/
[8]: https://www.weheartswift.com/object-oriented-programming-swift/
[9]: http://www.learnswift.io/blog/2014/6/12/size-classes-with-xcode-6-and-swift
[10]: http://www.raywenderlich.com/83129/beginning-auto-layout-tutorial-swift-part-1

audibleblink

package main

/*
*
*  This is just a Go implementation of https://github.com/monoxgas/sRDI/
*  Useful if you're trying to generate shellcode for reflective DLL
*  injection in Go, otherwise probably not much use :)
*
*  The project, shellcode, most comments within this project 
*  are all from the original project by @SilentBreakSec's Nick Landers (@monoxgas)

audibleblink

package main

import (
	"io/ioutil"
	"log"
	"net/http"
	"os"
	"runtime"
	"syscall"
	"unsafe"

audibleblink

Compromised Web Developer Extension Steals Cloudflare Tokens

Upon receiving news that the popular Chrome Extension, Web Developer, had been compromised, I became curious about exactly how malicious the highjacking was. Most sites are reporting that it injects ads. It's more nefarious than that. Since the extension calls out to an attacker-controlled URL, the payload hosted at that URL could be changed to anything at any time.

At the time of inspection, the code checks to see if the victim is on the Cloudflare domain. If it is, it starts an XHR request to fetch the users' API token and ships it, along with the victim's email, to a remote server.

audibleblink

93fb02c5-3f3f-40de-856d-7328555dce79

audibleblink

HOWTO: Create Your Own Self-Signed Certificate with Subject Alternative Names Using OpenSSL in Ubuntu Bash for Window

Overview

My main development workstation is a Windows 10 machine, so we'll approach this from that viewpoint.

Recently, Google Chrome started giving me a warning when I open a site that uses https and self-signed certificate on my local development machine due to some SSL certificate issues like the one below:

audibleblink

[*] - C:\Windows\System32\1028\VsGraphicsResources.dll

[?] 64-bit Image!

[>] Time Stamp: 12/31/1969 19:00:00
[>] Function Count: 
[>] Named Functions: 
[>] Ordinal Base: 
[>] Function Array RVA: 0x
[>] Name Array RVA: 0x

audibleblink

//   Dll Hijacking via Thread Creation 
// Author - Vivek Ramachandran 
//  Learn Pentesting Online --  http://PentesterAcademy.com/topics and http://SecurityTube-Training.com 
// Free Infosec Videos --  http://SecurityTube.net 



#include <windows.h>
#define SHELLCODELEN	2048

audibleblink

package main

import (
    "fmt"
    "net"
    "io"
)

func main() {
    //http.HandleFunc("/", handler)