Ron Stoner

I’m excited to announce the initial public release of SelfHash 0.1.1 that I worked on in October of 2023. SelfHash was designed to add an extra layer of security and verification to your Python scripts before execution - ensuring that it has not been tampered with. Problem Consider the fo...

Nostr is the latest in decentralized protocol advancement. By definition nostr is “a decentralized network based on cryptographic keypairs and that is not peer-to-peer, it is super simple and scalable and therefore has a chance of working”. With all new protocols comes new security and pr...

I’ve seen a variety of corporate security user archetypes over my career as a security leader. These include individuals who are proactive about security, those who may have some concerns but may not fully understand the risks, and those who are simply not interested. It is important for ...

Cryptocurrency events are a great opportunity to learn more about bitcoin and make industry connections. If you own bitcoin, however, it’s important to be mindful of your surroundings and take proactive steps to protect yourself and your wealth. As we often say, there are no vacations in securit...

“Hey! I wanted to know what you know about bitcoin mining? I have a friend that just got $13,000 from a $1,000 investment, and they are now trying to get me to do it.” If you’ve worked in the bitcoin space as long as I have, you immediately dismiss this message as a scam, but the ugly truth is n...

By now, we all should be familiar with the mantra of “not your keys, not your coins.” A lot of guides and information are available to bitcoin connoisseurs regarding how to secure your keys and seeds. However, I don’t see much information published about how bitcoin HODLers can secure their envir...

This write up is a culmination of articles from a Capture The Flag competition and are all being concatenated here. Red XOXOXO The Challenge We receive a message that is captured, and since this challenge is listed as “crypto”, we need to decipher the cipher text of -;91~.,11=12~;-?<27–6;:...

This write up is a culmination of articles from a Capture The Flag competition and are all being concatenated here. You can see other challenge write ups on the main post here. Easter Egg 1 Part of the fun of CTF challenges is searching for Easter Egg flags. These flags usually don’t require ...

Preface: I do not advocate anyone does anything illegal. Hack on your own hardware. Personal electronic transportation devices are everywhere now, and they are fuuuuuun. Private consumers are using them to replace their daily commutes, new distances are being achieved for the displaced, and co...

The concept of blockchain technology and crypto-currency fascinates me. It’s not just the technical marvels and feats, the fact that true consensus can be achieved through a protocol, or that the idea itself provides utilitarian and disruptive properties. Blockchain technology is just coooooool, ...

Brain Leaking by Nick Staab Back in October I created a forensic challenge called Brain_Gamez, which was hosted on the Hackmethod Monthly CTF site (https://ctf.hackmethod.com). Brain_Gamez is a 32 KB JPG image file, which contains a mix of steganography and obfuscation techniques. It was up to ...

Image by Tieatie CTFJawn 2017 @ BSides Philly Write Up Security BSides recently came to Philadelphia, and with it a host of fun hacker related activities. One of those was a brand new first time Capture The Flag challenge — CTFJawn2017. CTFJawn 2017 (aptly named for a Philadelphia conference)...

September saw the last of the 3rd quarter challenges from the team over at Hackmethod (https://ctf.hackmethod.com/challenges). Starting in October the team will be moving over to a brand new more efficient CTF site and will be making some rule changes. This monthly set of challenges included a bu...

In addition to providing training and security services, the folks over at Hackmethod run a monthly Capture The Flag style challenge for hackers and information security professionals. Make sure you give them a visit at https://hackmethod.com/ This month’s set of challenges involved something I ...

Back in 2016 the Cyber Command branch of the United States Army (ARCYBER) released a commercial that lead to an ARG for recruitment of hackers. A YouTube video (https://www.youtube.com/watch?v=0LZnOorfS_Q) of the commercial showed the URL http://recruitahacker.net/ in the console lines displaye...

July brings another set of challenges from the Hackmethod team — https://hackmethod.com. This month’s challenge set includes 3 levels and is named “Jam_Packed”. I assumed based off the name that the challenges would be dealing with archives, steganography, or a combination of both. After getting ...

Part of the computer security business is keeping your skills sharp and up to date. Especially within the realm of technical knowledge, sometimes knowing is not enough. Getting that raw feeling of interaction with a live system can bring things full circle, and further help to bridge that gap bet...

In the early morning hours of a not particular Sunday morning, I stood outside on my balcony taking in the first sunlight that was just peeking through the clouds. While the crisp cool morning air wafted around my being, the neighborhood birds perched upon their trees chirped in a singsong cele...

Your Princess Is In Another Castle The Google 2017 Capture The Flag qualifiers have come and gone. I was lucky enough to be a part of the Hackmethod (https://hackmethod.com) team this year. If you don’t know what a digital version of Capture The Flag entails, it’s usually challenges where a ...

Recently I signed up for the Penetration Testing with Kali Linux training offered by Offensive Security. The course itself details various penetration testing concepts and consists of a training PDF, hours of guided video, technical exercises to complete, and a robust lab environment to practice ...