I'm gus, a non-certified somewhat-ethical hacker
When sampled from a secure uniform random distribution, passwords become an end in itself, they become portable entropy. A determinisitc algorithm, such as encode(hash(password)), can leverage that property to derive complex values from a few magical words.
The OSINT community has known for a while about an internal Google endpoint that can retrieve the ID, name, and picture associated with an email of a Google account.
Connect a MEMS microphone to a $5 wireless microcontroller, write a few lines of code, and you've built a cheap eavesdropping device. Pipe the audio into a lightweight speech-to-text engine, transcribe conversations in real-time, and you've made a Russian spy proud.
After trying to write a simple asynchronous web application in Python, I gave up and decided to write my own micro framework. It has support for routing, middleware, lifespan, and application mounting. All in a concise and clean codebase.
You can easily setup dnsmasq, a lightweight DNS caching server, for surveillance and social engineering. See who's at home (IPv6), what apps/sites they are using, and create realistic login pages at trusted domains.
CircuitPython, a Python implementation for embedded, has an HID library. In just 50 LOC, you can have a DuckyScript™ interpreter that works across a wide range of microcontrollers.
I put together a patch that fixes known bugs and improves the REPL in Lua 5.1.
All the work present in this website has been dedicated to the public domain. Which means that anyone is free to use, copy, modify, and/or distribute any of the work for any purpose, with or without fee, by any means without any warranty. Licensed under 0BSD or CC0-1.0 or Unlicense.