jay.linski blog

Writing about the web, tech and security.

New blog? New backend!

I revived my blog. It is now powered by Hugo, a very fast static site generator based on Golang. Why a static site? I chose a static site generator over my old Wordpress blog because of the following reasons: Wordpress, its plugins and PHP need to updated regularly. That’s annoying and time consuming. Like most other software, Wordpress and its plugins are often vulnerable to attacks. I don’t want to have to worry about hackers getting access to my blog. Read more...

Using the Fullscreen API for password phishing

A year ago I had a try on social engineering and phishing techniques. Now I finally found the time to rework my code and to put it on GitHub: https://github.com/jaylinski/osprey The first – and only – module is using the Fullscreen API to spoof the address bar and make the user believe he’s on Facebook. I researched on other fullscreen phishing attacks and found a similar approch: http://feross.org/html5-fullscreen-api-attack/ The advantages of my version are: Read more...

1 of 1