About:

Simone Margaritelli is the author of the website evilsocket.net, which is described with the phrase 'Preoccupied with a single leaf, you won’t see the tree. Preoccupied with a single tree...you’ll miss the entire forest.'

A reverse engineering analysis of the TP-Link Tapo C200 reveals critical security vulnerabilities, emphasizing the role of AI in modern security research.
The blog post discusses the concept of agents and Nerve, a project that makes implementing an agent simple and intuitive. It explains the definition of an intelligent agent, how models can use tools, and the framework provided by ...
The new bettercap 2.4.0 major release includes long due fixes and new functionalities that extend its reach to car and industrial control system hacking. It introduces a new CAN module for car and ICS hacking, and a WiFi bruteforc...
The author presents a new tool called Legba, which is a comprehensive and efficient replacement for similar tools like thc-hydra, medusa, and patator. The tool is written in Rust and uses an asynchronous runtime, making it faster ...
The text discusses the author's experience with reverse engineering the Apple MultiPeer Connectivity Framework. The author discovered vulnerabilities in the framework and managed to reverse engineer all network packets, leading to...
The post describes how to use eBPF syscall tracing to detect process behaviour anomalies at runtime using an unsupervised learning model called autoencoder. It explains the eBPF technology, system call tracing with eBPF, and anoma...
The author introduces a new project called ShieldWall, which is a security mechanism to host personal/sensitive services in a way that is easily accessible by any device without configuration. The author discusses the limitations ...
The author is taking a break from coding and social media to focus on pursuing a long-time dream of becoming a musician. They express disillusionment with the 'infosec' community and emphasize the importance of focusing on actual ...
The text is about the development of Pwnagotchi 1.0.0, a project that started as a summer project and evolved into a community of 700 people. It discusses the evolution of the project, the development of AI, and the challenges fac...
The post discusses new WiFi features implemented into bettercap, including an automated EAPOL 4-way handshake capturing and a new type of attack to recover WPA PSK passwords without clients. It explains how to perform a deauthenti...
The author presents project Ergo, a framework and manager for Keras based projects. The post showcases an example use-case of building an airplane detector for satellite imagery using deep learning. The post covers prerequisites, ...
The text describes the process of building a mini WiFi deauthenticator using a Raspberry Pi Zero W and bettercap. It provides a detailed guide on how to set up the Raspberry Pi, configure it to connect to a WiFi network, and use b...
The author provides a balanced perspective on the Go programming language, highlighting the things he doesn't like about it. He discusses issues such as the lack of a ternary operator, the absence of detailed documentation, the us...
The release of Bettercap 2.0 is announced, which is a complete reimplementation of the Man-in-the-Middle attack framework. It aims to be the reference framework for network monitoring, 802.11, BLE attacks, and more. The release br...
The text describes the development of a project called ARC, which is a manager for storing encrypted passwords, sensitive files, and notes. It is designed to be accessed from any device with a modern browser and is hosted on a Ras...
The post is a detailed explanation of how to hack Bluetooth Low Energy (BLE) devices. The author provides an overview of BLE, its vulnerabilities, and methodologies for hacking it. The author also intr...
The author describes how they hacked their Crafty vaporizer to set its temperature limit from 190C to 6553.5C remotely using Bluetooth Low Energy. They reverse-engineered the mobile application to identify interesting descriptors ...
The post discusses the GPD Pocket 7, a small laptop that can run GNU/Linux. It includes hardware specs, installation procedure, and configuration tips. It also provides information on updating custom kernel and setting up an offen...
The text discusses the concept of Server Name Indication (SNI) in TLS, which is an extension to solve the problem of multiple domains behind HTTPS. It explains how SNI works and how it can be intercepted, leading to privacy concer...

TerraMaster NAS TOS

2017-05-30

The author discovered an unauthenticated RCE vulnerability in the TerraMaster F2-420 NAS web interface, allowing root access. The vendor was notified but failed to provide a fix, leading to full disclosure of the exploit. Mitigati...