2024

July

• Jul 05, 2024 - USB Fan: Remove battery

March

• Mar 23, 2024 - Digital Colonialism
• Mar 17, 2024 - Challenges with Aadhaar
• Mar 13, 2024 - Big Tech and Surveillance
• Mar 06, 2024 - Big Tech and Persuasion

February

• Feb 14, 2024 - Content Filters and Parenting

January

• Jan 31, 2024 - Regulating Recommenders
• Jan 22, 2024 - Privacy in SG's Constitution

2023

December

• Dec 03, 2023 - Tensegrity Hourglass Tower

November

• Nov 15, 2023 - GDPR: Transfer
• Nov 10, 2023 - GDPR: Right to be Forgotten

October

• Oct 29, 2023 - GDPR: Breach Notification
• Oct 17, 2023 - GDPR: Data Minimisation
• Oct 12, 2023 - GDPR: Consent
• Oct 09, 2023 - GDPR: Grounds for processing
• Oct 07, 2023 - Liabilities of Intermediaries

September

• Sep 28, 2023 - GDPR: Changes to Sensitive Personal Data
• Sep 19, 2023 - Roomba's Data Protection Obligations

August

• Aug 09, 2023 - Acorn Fan: Home Automation

July

• Jul 02, 2023 - Upgrading Wyse 5010

June

• Jun 17, 2023 - Barracuda ESG Replacement
• Jun 10, 2023 - Katong Cyclist vs Car - Tort

April

• Apr 05, 2023 - SPF Promotion Statistics

March

• Mar 18, 2023 - Drupal Redirect Malware

February

• Feb 15, 2023 - Total Defense and Falsehoods
• Feb 05, 2023 - SPH Circulation Saga: Misrepresentation

January

• Jan 10, 2023 - Sign with Singpass

2022

December

• Dec 18, 2022 - Global Talent Search

November

• Nov 13, 2022 - Miracast Compatible Devices

September

• Sep 29, 2022 - Lifelong Spousal Maintenance
• Sep 11, 2022 - Spammers using Flash SMS

August

• Aug 12, 2022 - MS-500, AZ-500, SC-200 exam review

June

• Jun 24, 2022 - Luna economics

May

• May 03, 2022 - Yubikey WSL: Agent refused operation

April

• Apr 08, 2022 - SANS SEC760 Review

February

• Feb 05, 2022 - Phishing SMS/Emails/Calls

January

• Jan 18, 2022 - Azure Resource Manager - Service Principal (Manual)

2021

December

• Dec 23, 2021 - Yubikey passwordless Windows local account login
• Dec 15, 2021 - Converting WinExec shellcode

November

• Nov 14, 2021 - Digital NRIC Spoofing

October

• Oct 13, 2021 - Industry Consultation on Licensing for CSPs

September

• Sep 22, 2021 - Police and private sector forensics differences
• Sep 06, 2021 - LOLBin: printui.dll

August

• Aug 20, 2021 - Exploring Singapore's Vaccination Cert

July

• Jul 23, 2021 - SPF, DKIM, DMARC in a nutshell

June

• Jun 21, 2021 - Infosec career progression

May

• May 26, 2021 - Heroku build timeout 2021

April

• Apr 27, 2021 - Windows Trust Boundaries

March

• Mar 06, 2021 - 0 reportable cybersecurity incidents

January

• Jan 26, 2021 - LOLBin: fhmanagew.exe

2020

December

• Dec 31, 2020 - Fun with MD5 Collisions
• Dec 09, 2020 - GovTech CTF Writeup

November

• Nov 07, 2020 - Calling IUnknown COM interface

October

• Oct 08, 2020 - macvlan host guest connectivity

August

• Aug 04, 2020 - Bank Token Teardown

July

• Jul 05, 2020 - NTFS Owner Rights for Logging

June

• Jun 20, 2020 - Public IP Hijacking over LAN

May

• May 24, 2020 - Authenticating with NRIC numbers v2
• May 07, 2020 - Intelligence-led Red Teaming

March

• Mar 22, 2020 - Crash Windows Event Logging Service
• Mar 12, 2020 - Interesting DLL exports
• Mar 01, 2020 - Expanding on Pyramid of Pain

February

• Feb 08, 2020 - OSCE review

January

• Jan 23, 2020 - Vulnserver - Order of difficulty
• Jan 16, 2020 - Free fresh notes for ang bao

2019

December

• Dec 16, 2019 - Phishing with actual bait

November

• Nov 01, 2019 - Overwriting MBR

October

• Oct 03, 2019 - FLARE-On 6 - Solve vv_max by hand

September

• Sep 22, 2019 - Tips for winning SANS CTFs

August

• Aug 24, 2019 - Singapore Gazette Search

July

• Jul 05, 2019 - WP Like Button 1.6.0 - Auth Bypass

June

• Jun 09, 2019 - On the Cybersecurity Act

May

• May 25, 2019 - SLAE64 #7 - Crypters
• May 25, 2019 - SLAE64 #6 - Polymorphic shellcode
• May 25, 2019 - SLAE64 #5 - MSF shellcode analysis
• May 18, 2019 - SLAE64 #4 - SSE4.2 CRC32C Encoder
• May 18, 2019 - SLAE64 #3 - Egghunter shellcode
• May 17, 2019 - SLAE64 #2 - Revshell TCP shellcode
• May 17, 2019 - SLAE64 #1 - Bindshell TCP shellcode

April

• Apr 19, 2019 - Hiding files with mount

March

• Mar 25, 2019 - Flashing SwOS from Windows

February

• Feb 06, 2019 - The Evolution of Crypto

January

• Jan 27, 2019 - Timestomping Programmatically

2018

December

• Dec 29, 2018 - Windows Persistency With OpenVPN GUI
• Dec 02, 2018 - Migrating rsyslog to Splunk

November

• Nov 01, 2018 - SANS FOR508 review

October

• Oct 12, 2018 - FLARE-On 5 wasm with Chrome

September

• Sep 09, 2018 - Reasonable use of personal data

August

• Aug 06, 2018 - Improvements to SEAB's investigation process

July

• Jul 22, 2018 - D-Link router's ping function

May

• May 16, 2018 - CREST CPSA Review

April

• Apr 27, 2018 - ASUS router's ping function

March

• Mar 04, 2018 - Visualizing fitness tracker data

February

• Feb 17, 2018 - Deprecating HTTP - Lessons from SSH/Telnet

January

• Jan 20, 2018 - Top 2000 Wordpress Plugins
• Jan 01, 2018 - Smart Google Code Inserter < 3.5 - Auth Bypass/SQLi

2017

December

• Dec 10, 2017 - Designing an offline authentication system

November

• Nov 04, 2017 - SANS SEC660 review

October

• Oct 22, 2017 - Piwik - Possible XSS in RDNS lookup function

September

• Sep 21, 2017 - CVE-2017-14766 Simple Student Result < 1.6.4 - Auth Bypass
• Sep 06, 2017 - CVE-2017-14126 Participants Database < 1.7.5.10 - XSS

August

• Aug 24, 2017 - OSCP review

June

• Jun 11, 2017 - Enumerate sites hosted on same IP

April

• Apr 29, 2017 - Remote Command Execution on Google Assistant
• Apr 08, 2017 - Is DarkTrace working with the NSA?

March

• Mar 12, 2017 - Analysis of 3000 BMT Recruits

February

• Feb 18, 2017 - Replicating UVB-76

January

• Jan 22, 2017 - IP Hiding and Cloaking for Services

2016

December

• Dec 25, 2016 - Analysis Of 35000 Senior Civil Servants

November

• Nov 13, 2016 - Authenticating with NRIC numbers

October

• Oct 16, 2016 - Security Theatre: Samsung Note 7

September

• Sep 18, 2016 - National Vulnerability Reporting Programme

August

• Aug 06, 2016 - Analysing smali code

July

• Jul 03, 2016 - DES key parity bit calculator

June

• Jun 12, 2016 - Bangladesh bank heist

May

• May 15, 2016 - Measuring Power Consumption

April

• Apr 26, 2016 - Saturating 1Gbps bandwidth
• Apr 16, 2016 - Running HTTPS, SSH and VPN on port 443

March

• Mar 20, 2016 - ProtonMail: Technical prowess, Legal expertise and Guts

February

• Feb 21, 2016 - Biometrics and Passwords

January

• Jan 17, 2016 - RAID is not backup

2015

December

• Dec 20, 2015 - The Golden Key - TSA Locks and Encryption
• Dec 09, 2015 - Xenserver V2P Migration

November

• Nov 02, 2015 - Verifying JS Integrity

October

• Oct 28, 2015 - Adding hostnames or PTR records to piwik
• Oct 16, 2015 - Negative space

September

• Sep 21, 2015 - First Cyberinsurance claim?
• Sep 05, 2015 - 2Gbps fibre is a gimmick

August

• Aug 15, 2015 - Rules of Engagement in Cyberspace

July

• Jul 30, 2015 - Facebook Open Graph Tags Modification
• Jul 12, 2015 - Google Calendar API v3
• Jul 03, 2015 - Open letter to ICANN on PPSAI

June

• Jun 25, 2015 - Website goes offline for 3 months
• Jun 01, 2015 - Email fraud part 2

May

• May 18, 2015 - Email fraud

April

• Apr 30, 2015 - iPad POS
• Apr 24, 2015 - 1FA
• Apr 12, 2015 - IJIS plaintext offender

March

• Mar 29, 2015 - Information Leakage
• Mar 06, 2015 - Uber's github slip up

February

• Feb 28, 2015 - ASUS RT-N15U external antennae mod
• Feb 07, 2015 - Online text binning tool

January

• Jan 31, 2015 - Public Private Partnerships in Cybersecurity
• Jan 09, 2015 - On Physical Authentication

2014

December

• Dec 15, 2014 - Dumping Aztech DSL1015EN firmware
• Dec 08, 2014 - Cloning Mifare 1K cards

November

• Nov 15, 2014 - A different kind of birthday attack

October

• Oct 26, 2014 - Code runs on code

September

• Sep 07, 2014 - Flaws of a single ecosystem

July

• Jul 21, 2014 - Software Versioning
• Jul 12, 2014 - Wireless Woes

June

• Jun 22, 2014 - unrar
• Jun 16, 2014 - Problems with Distributed Architecture
• Jun 02, 2014 - New Form of DDoS

May

• May 21, 2014 - Web Development in Singapore
• May 08, 2014 - How I (cheated and) won a quiz

March

• Mar 10, 2014 - Immigration checks

February

• Feb 22, 2014 - Encryption and blackmailing
• Feb 01, 2014 - Singtel's 5012NV-002 vulnerability

2013

December

• Dec 15, 2013 - Multiple inboxes with same email address
• Dec 10, 2013 - preloading pages
• Dec 04, 2013 - mysql optimization

November

• Nov 23, 2013 - private TLDs
• Nov 16, 2013 - URL shortening services
• Nov 12, 2013 - windows file metadata
• Nov 06, 2013 - Layered security
• Nov 03, 2013 - Web = public

October

• Oct 29, 2013 - Continuity plan
• Oct 18, 2013 - happy monthiversary
• Oct 15, 2013 - EFI
• Oct 04, 2013 - rainmeter

September

• Sep 23, 2013 - Default printer settings
• Sep 15, 2013 - Problems with FTP
• Sep 06, 2013 - Hiding compressed files in images

August

• Aug 15, 2013 - Hijacking QR codes
• Aug 12, 2013 - Interesting bluetooth experiment
• Aug 05, 2013 - USB 3.0
• Aug 03, 2013 - Server cluster for $500
• Aug 03, 2013 - A little experiment

July

• Jul 20, 2013 - cloudflare
• Jul 07, 2013 - Allure of sysprep
• Jul 02, 2013 - webview vs native

June

• Jun 24, 2013 - iptables -F
• Jun 18, 2013 - Linux box to AP with hostapd/dhcpd/iptables
• Jun 15, 2013 - Stealing code
• Jun 13, 2013 - Spoofing NUS WPA2 and stealing credentials
• Jun 13, 2013 - Dual booting
• Jun 01, 2013 - Orbital Project Log
• Jun 01, 2013 - Orbital Project Wiki

May

• May 30, 2013 - apache vs nginx/lighttpd
• May 27, 2013 - Running you own home server part 2
• May 26, 2013 - Running your own home server
• May 25, 2013 - 300kb - 300mb

2012

December

• Dec 08, 2012 - Ethic issues concerned with Artificial Intelligence(AI) in decision making processes

October

• Oct 10, 2012 - Ethical concerns regarding the transition from software to abandonware

September

• Sep 20, 2012 - Ethicality of certain practices in the telecommunication industry