tutorial

Mailchimp Subscribe Modal

Add Mailchimp Subscribe Modal to your Hexo Blog

If you use Hexo for your blog, you know how easy it is to create a beautiful and user-friendly experience for your followers. Even better, Hexo is entirely open-source, which means you are free to customize the code to work best for your needs.

We’ve known for a while that we need a clean way for new visitors to subscribe to our blog. We put it off because we imagined a significant design and implementation effort to integrate it into our MailChimp email list.

Bri loves tinkering with open-source code, and she recently discovered a straight-forward way to modify our Hexo theme (Minos) and allow new visitors to subscribe to our mailing list.

Ready to add this functionality to your blog? Read on!

Read More

Cit0day Breach Detection

Quick Summary

Cit0day had a massive data breach in November 2020, which leaked credentials for over twenty thousand websites. It is more complicated than usual to determine which credentials you need to change because there were so many websites involved in the breach.

You can use a tool we created to check which domains you need to change your password for.

Just navigate to the following link and follow the instructions:

https://passcheck.pensivesecurity.io

Read More

Raspberry Pi Vulnerability Scanner

Network Vulnerability Scanner Built On Raspberry Pi

We recently developed a plug-and-play vulnerability scanner built on a Raspberry Pi. And by plug-and-play, we actually mean that; you plug in the Raspberry Pi to your router, and within a few hours, you will receive an OpenVas network vulnerability report to your email.

For those that thought “YUM!” when mentioned above, a Rasberry Pi (RPi) is actually a single-board computer that costs around $100 and can be used for a vast range of applications, including home automation and education. If a fruity pastry had the same capabilities, that would be an impressive, albeit slightly expensive, treat!

The entire project is open source, and once you buy the device and peripheral set-up equipment, the scanner is FREE to run as many times as you want! This article will walk you through the “why” you’d want this and “how” you can create your own home network vulnerability scanner. Let’s jump in!

Read More

Roku Skip Commercials

Click here to try it out now!

The One about the Backstory

Bri and I used to love watching F·R·I·E·N·D·S on Netflix, but starting at the beginning of 2020, NBC decided to end their contract with Netflix and move the show to HBOMax instead.

Unfortunately, we don’t have HBOMax, and we’re unwilling to shell out the additional $15-a-month to watch a show we’ve already seen at least 3 times through.

However, we are willing to pay $65-a-month for YouTube TV because we love watching live sports like this month’s Tour de France. Even better, YouTube TV has unlimited DVR, which has proven to be the best feature of the whole service.

The best part about YouTube TV’s DVR is that you can navigate to a show you want to record (like Friends) and add the entire show to your DVR. Then, as episodes of your show air, it will automatically be added to your DVR.

Using this method, we have collected every episode of Friends in our YouTube DVR using a single button.

Read More

Tor and HTTPS Diagram from https://www.eff.org/pages/tor-and-https

Maximizing Privacy Online

If you have ever taken an interest in retaining your anonymity and privacy online, you have almost certainly seen the acronyms HTTPS, VPN, and Tor come up. While each of these technologies provide a layer of privacy, each has a distinct set of advantages and limitations that you should be aware of. It’s even possible to use all three at the same time to maximize privacy!

We will explain how these technologies can be used together, but first, let’s take a look at each one individually.

Read More

Logo Pyramid

Maintain your Privacy Online

The expression “you can run, but you can’t hide” has never been truer than on the Internet today. Protecting your privacy seems harder than ever with companies like Google and Facebook tracking your every move online and U.S. laws like the Freedom Act giving the government broader access to your browser and search history. And if that isn’t enough, frequent data breaches have resulted in your most sensitive information being made public on the dark web.

It’s not all doom and gloom, though, a variety of companies have dedicated themselves to providing everyday users with the tools they need to protect their right to privacy. In this article, we will walk you through some of the tools that we use to protect our privacy.

Specifically, the tools we will be covering are:

  1. Brave Web Browser (with Duck Duck Go)
  2. Nord VPN
  3. Firefox Send (when it comes back…)
  4. Wire
  5. Privacy.com

Note: We are not sponsored by any of these tools and make absolutely no money by endorsing them. We are simply spreading the word about privacy tools we love to use.

Read More

Goal

This tutorial aims to walk you through the steps necessary to configure Burp Suite to rotate your IP on every request using AWS API Gateway. While there are other ways to accomplish this task, AWS API Gateway is cheaper and more reliable than other IP rotation services.

Why would you want to rotate your IP? IP rotation can be useful in several scenarios, especially when the host implements IP-based rate-limiting.

For instance, when mounting a brute-force attack against a web application login form using Turbo Intruder (https://portswigger.net/research/turbo-intruder-embracing-the-billion-request-attack), IP rotation allows the attack to continue, even when there is IP-based rate-limiting or lockout.

Another example is when you are attempting to run the Burp Suite Active Scanner, and the target site begins limiting your requests based on your IP address.

By rotating your IP on every request, these issues disappear.

The IP rotation we will configure in this tutorial is based on the Fireprox tool by Black Hills (https://github.com/ustayready/fireprox). We have modified the tool (very) slightly to work better with Burp Suite, but most of the credit goes to the Black Hills team and the individuals they mention in the credit section of their repository (https://github.com/ustayready/fireprox#credit).

By the end of this tutorial, you will be able to make HTTP requests to your target URL in a browser or via Burp Suite, and your IP will rotate transparently in the background on every request.

Let’s dive in!

Read More

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now

×