SQL INJECTION VULNERABILITY IN CHURCHCRM (CVE-2021-41965)

A wee writeup of an SQL injection vulnerability I had found within the open-source ChurchCRM CRM software. This vulnerability allows logged-in users to completely compsomise the database.

Sat, May 14, 2022 Advisories SQLisqlmapChurchCRMCVE-2021-41965

RECOVERING WIFI SSIDS FROM CHROMIUM'S NETWORK PERSISTENT STATE FILE

In this post, I’ll explain how Chromium’s Network Persistent State file can be utilised to recover SSIDs a suspect has previously been connected to.

Thu, Feb 3, 2022 Digital Forensics Digital ForensicsChromiumBrowserElectronComputer ForensicsWifi

A FORENSIC GOLD MINE III: FORENSIC ANALYSIS OF THE MICROSOFT TEAMS DESKTOP CLIENT

In this post, I will look at the abundance of forensic artefacts which can be collected from Microsoft Teams Client on Windows Desktops.

Thu, Sep 9, 2021 Digital Forensics Digital ForensicsLevelDBIndexedDBChromium Disk CacheAutopsyComputer ForensicsInstant MessagingMicrosoft Teams

A FORENSIC GOLD MINE II: FORENSIC ANALYSIS OF SIGNAL MESSENGER ON WINDOWS 10

In this post, I will look at the abundance of forensic artefacts which can be collected from Signal on Windows Desktops.

Mon, Jun 7, 2021 Digital Forensics Digital ForensicsSQLiteSQLComputer ForensicsInstant MessagingSignal Messenger

A COMPLETE LIST OF FREE FLIGHT SEARCH APIS IN 2021

In this blog post, I will have a look at freely available APIs for searching flight tickets.

Sun, Mar 7, 2021 Travel Hacking JSONFlightSkyscannerKayakPythonMomondoJetradar

A FORENSIC GOLD MINE I: FORENSIC ANALYSIS OF VIBER MESSENGER ON WINDOWS 10

In this post, I will look at the abundance of forensic artefacts which can be collected from Viber on Windows Desktop.

Fri, Jan 29, 2021 Digital Forensics Digital ForensicsSQLiteSQLComputer ForensicsInstant Messaging

CRACKING NTLM HASHES ON GOOGLE CLOUD'S NVIDIA TESLA T4 GPU

In this post I will explain how I used a Nvidia Tesla T4 GPU rented from Google Cloud Platform to crack NTLM hashes using hashcat and John the Ripper at blazing speeds.

Fri, Jan 15, 2021 University John the RipperHashcatGoogle CloudPassword CrackingCyber SecurityGPU

RUSSIAN RAILWAY (РЖД) API DOCUMENTATION

In this post I will present an API Documentation of the РЖД I had documented over at Postmans documenter and give an example how Python can be used to query data about Russian Railways.

Wed, Jan 13, 2021 Travel Hacking PostmanRZDРЖДTrainTrans-Siberian RailwayPython

UNOFFICIAL ABERTAY UNIVERSITY LATEX TEMPLATES

An introduction to a set of LaTeX templates I had created as part of my graduate course at Abertay University.

Wed, Jan 13, 2021 University LaTeXGitHubCourseworkCMP506CMP507GRS501

GENERATING HUGO POSTS FROM AN API USING PYTHON

For my personal side project travelhackingtool.com, which is an aviation database and API, containing thousands of airports, I was looking for an easy way and automated to create Hugo Posts for my airports based on the data of the API.

Sat, Nov 14, 2020 Travel Hacking pythonrequestswebmarkdownJSONAPIHugo