When does Windows sleep?

I have always wondered about a somewhat inconsistent behaviour in how Windows decides when the computer is inactive, and to turn off the screen and subsequently sleep. As an example, if I have a 2 hour YouTube video playing in the browser, the screen will never turn off and the computer will ...

Azure Resource Manager - Service Principal (Manual)

I had some issues with automatically creating a service principal to set up Azure Resource Manager in Azure DevOps due to overly strict Azure AD policies resulting in the following error Error encountered: Failed to create an app in Azure Active Directory. Error: Credential lifetime exceeds the ...

Heroku build timeout 2021

If you have a Heroku app that has worked for many years and is suddenly experiencing a Duplicate build version error or if you are following an old tutorial from before 2021 and see the following cryptic error message in the build log. 1 2 3 ! ! Build timed out while waiting to start. ! Heroku ...

Timestomping Programmatically

Timestomping is a favourite topic of red teamers and forensic analysts. They often speak about the tools and powershell commands that can be used to do timestomping. How do these tools work? In the course of developing nTimetools, I read up on the various APIs and the extent of ...

Top 2000 Wordpress Plugins

The top 2000 Wordpress plugins by popularity. 2419 to be exact, all plugins with at least 5000+ active installs. List is accurate as of 20 Jan 2018. Interestingly, I could not find something similar online. The Wordpress plugins site does not allow sorting by popularity. Name Active Installs ...

Analysing smali code

Mobile apps have become increasingly widespread compared to their desktop counterparts. In addition, many apps often have stricter security requirements since they incorporate micropayments. We also perform sensitive transactions through mobile apps. For example, there are no desktop internet ...

Verifying JS Integrity

Yesterday, a CDN was hacked and malicious JS was served to a number of domains. Most websites make use of CDNs to serve up JS so as to reduce page load time. How do we protect ourselves from such attacks? I posed a similar question on Sec.SE some time back. Subresource Integrity is a new ...

Adding hostnames or PTR records to piwik

If you are using piwik and desire to know exactly where your website visitors come from, this hack will allow you to display the hostname or PTR record beside the IP addresses on the piwik dashboard. The Ip2Hostname plugin logs down the visitor's hostname in an additional column but provides no ...