Blog – Skinny Research and Development

Zero-Day Research: CVE-2023-48024 and CVE-2023-48025

Striking a harmonious balance between high-level abstraction and low-level hardware control, the C programming language proves to be efficient for resource-constrained embedded systems. C programs can be finely tuned to optimize memory usage and execution speed, a critical consideration in embedded applications where resources are at a premium. Despite the many benefits of the C …

Zero-Day Research: CVE-2023-48024 and CVE-2023-48025 Read More »

Zero-Day Research: ehttp Use-after-Free and Out-of-Bounds Read

The ehttp library advertises itself as a ‘simple HTTP server based on epoll’. The primary goal of the library is to provide an easy-to-use HTTP microservice with JSON support. The library supports HTTP 1.0/1.1 with GET and POST request methods. When utilizing a new library, I always execute various fuzz tests against the library to …

Zero-Day Research: ehttp Use-after-Free and Out-of-Bounds Read Read More »

Hiring a Proficient Bugsweep Team

Before we get started, you should know I am not pushing my own bug sweeping services. I do not sell my services commercially. I have 15 years of experience in technical surveillance countermeasures (TSCM) and am often called upon to give advice regarding many aspects of this profession. I gain nothing from this article other …

Hiring a Proficient Bugsweep Team Read More »

Wireshark VoIP Challenge: Protect the Flow

The objective of my career has been pretty simple up until recently. Bad guys want information X. Keep bad guys from taking information X. Simple enough. There’s also an Appendix to that objective. Bad guys always want to take information X. Build a program to stop bad guys from taking information X. Routinely check the infrastructure …

Wireshark VoIP Challenge: Protect the Flow Read More »

Wireshark VoIP Challenge

Knock off those network analysis cobwebs by downloading the file below and taking part in the Wireshark VoIP challenge. This a a short capture but a tricky one. Wireshark PCAP File MD5 Hash: 139b7dfea64ee097a4a415ba320cc5b6 The Challenge I’m currently putting together a new VoIP class and came across a nasty little Linux program that can manipulate VoIP …

Wireshark VoIP Challenge Read More »

Clients React to the WiFi Pineapple

The WiFi Pineapple is a very evil rogue access point (AP) that can quite easily trick an unsuspecting WiFi enabled device or user into connecting to itself. It does this mainly through a suite of programs called PineAP. Thanks to the makers of the WiFi Pineapple, Hak5, their website is full of Get Started tutorials …

Clients React to the WiFi Pineapple Read More »

How to Use a 555 Timer in Monostable Mode

It’s been about a year since my last tutorial. Over the last year I learned that teaching in the real world will take away time from teaching in the virtual world. Many people have contacted me asking about a tutorial for the 555 timer in Monostable mode. The great thing about this mode is that you …

How to Use a 555 Timer in Monostable Mode Read More »

Anatomy of a Malicious GPS Tracker

This is the kind of stuff I love. Recently I was given a GPS tracker from an individual. This tracker had been embedded in a victim’s car for 6 years. The following video examines the tracker’s components and method of install. Below the video you’ll find some close-up photos of the device. GPS Tracker Photos …

Anatomy of a Malicious GPS Tracker Read More »

$Math of the 555 Timer$

Math of the 555 Timer

If you’ve been following along with the 555 timer series, this video describes how to derive the formula that describes the timing of the circuit. Starting with just 2 components, we’ll work our way to an answer.

How to Control the Duty Cycle of a 555 Timer

Continuing with a focus on the 555 timer, this video tutorial looks at how to vary the pulse width of a 555 timer’s output. It’s all possible with just a a hand full components. By varying the duty cycle one may vary the blink rate on an LED or the voltage being fed to a servo. Enjoy! …

How to Control the Duty Cycle of a 555 Timer Read More »