number trickery

While everybody is freaking out about social networks selling and leaking your data (told you so) the same way they freaked out about XKS (why would the gov want to read your email or have incentives to lie to you??), I uploaded a neat tool called number. Its similar to file for files and may be found here.

Read More

QDNS rebinding

Inspired by tavisos Transmission RCE, courtesy of a DNS rebinding vulnerability, I added a load-balancing capability to qdns. Depending on the view, you may either say you are load-balancing via DNS RR RR scheduling :) or driving a DNS rebinding attack. Theres a sample on how to do it in the test.zone file:

Read More