EXPLOITS.RUNHacking and OSINT stories and techniqueshttps://exploits.run/2025-11-06T12:00:00.000ZDissecting a Crypto Theft Operation: When JavaScript Obfuscation Hides a Fee-Based Scamhttps://exploits.run/manler-cc-crypto-theft/2025-11-06T12:00:00.000Z2025-11-06T12:00:00.000ZMichaelThis post is part technical deep-dive, part forensic investigation story. I'll walk through how I discovered and analyzed a sophisticated cryptocurrency theft operation that uses advanced JavaScript obfuscation to hide a fee-based scam. The…OSINT Is Not Just Data Gatheringhttps://exploits.run/osint-is-not-just-data/2025-05-11T12:00:00.000Z2025-05-11T12:00:00.000ZMichaelEveryone wants to be an OSINT analyst these days. Scraping Shodan, running a few Google dorks, maybe linking a scammer’s Telegram handle to a throwaway Gmail. That’s open-source intelligence, right? Sort of. But mostly not. The truth is, OS…Getting Started with Windows Subsystem for Linuxhttps://exploits.run/wsl/2024-07-11T12:00:00.000Z2024-07-11T12:00:00.000ZMichael# WHAT IS WINDOWS SUBSYSTEM FOR LINUX? Most people are either unaware or forget about a wonderful Windows feature called Windows Subsystem for Linux (WSL). WSL gives you access to a full linux kernel right in your Windows installation. This…Search Engine Dorking (Google Case Study)https://exploits.run/google-dorking/2020-12-01T12:00:00.000Z2020-12-01T12:00:00.000ZMichaelBefore we dive in, please understand that this is an introductory level post and for the more technically inclined, there may not be much for consumption here. I will not go in depth on many topics surrounding search engines as a whole and…The Curious Case of Vincent Briatorehttps://exploits.run/uncovering-a-scam/2020-05-28T12:00:00.000Z2020-05-28T12:00:00.000ZMichaelDue to a large amount of screenshots with text, this blog is best read on a desktop as opposed to a phone. This post is also rather long so you may want to get settled in. Many of you know that I use Brave as my daily browser. One of the fe…Analyzing Analytics (Featuring: The FBI)https://exploits.run/analytics-analysis-fbi/2020-02-16T12:00:00.000Z2020-02-16T12:00:00.000ZMichaelRecently while conducting some research, I found myself down the path of Google Analytics ID's as well as other analytics services. I was investigating ways to not only identify varying analytics code in sites, but to correlate them with ot…Facebook | Uncovering Seller Info Without Loginhttps://exploits.run/fbmarketplace/2020-01-03T12:00:00.000Z2020-01-03T12:00:00.000ZMichaelI was doing some research this week on Facebook Marketplace looking for some... unethically acquired and resold items and the sellers behind them. However, my research was limited to only acquiring data without being logged into a Facebook…The Internet of Sonoshttps://exploits.run/sonos/2019-01-22T12:00:00.000Z2019-01-22T12:00:00.000ZMichaelRecently a friend of mine inquired about my opinion on a Sonos (audio) device that was on their network that had been end of life for years. We were deliberating on what the threat landscape was for seemingly harmless devices like this on t…Hacking Rihanna's Bank Accounthttps://exploits.run/rihanna/2018-11-30T12:00:00.000Z2018-11-30T12:00:00.000ZMichaelOkay full disclosure, this title is half clickbait. This is actually a story about a scammer claiming to be Rihanna asking me to hack their bank account and send their “brother” money. The majority of this will simply be screenshots of the…Using Password Resets for OSINThttps://exploits.run/password-osint/2018-11-19T12:00:00.000Z2018-11-19T12:00:00.000ZMichaelThis post is part practical, but mostly story. I’ll go through how I use password resets on various services to gather fragments of information on someone, alongside a story of how I piece those together to get more definitive information.…Email Spoofing With Powershellhttps://exploits.run/email-spoofing-powershell/2018-10-21T12:00:00.000Z2018-10-21T12:00:00.000ZMichaelI had previously written about Email Spoofing With Netcat/Telnet and it was a seemingly instant hit. Even though the same commands were applicable to Windows users through telnet, which is off by default on Windows installations, or netcat…No, A Porn Virus Didn't Compromise Your Accounthttps://exploits.run/porn-scam/2018-10-08T12:00:00.000Z2018-10-08T12:00:00.000ZMichaelI provide support to many businesses so I run into plenty of random issues throughout my work week. However, one issue appears to be an ever increasing constant over the past several weeks. So much so that I’ve actually had to type up a can…Email Spoofing With Netcat or Telnethttps://exploits.run/email-spoofing-netcat/2018-09-26T12:00:00.000Z2018-09-26T12:00:00.000ZMichaelI have also written a follow up post about spoofing with powershell here . Recently, while having a discussion with a security research team I’m on, we stumbled into discussion about email spoofing. This ultimately led to all sorts of shena…BSides Portland | OSINT CTFhttps://exploits.run/bsidespdx/2018-08-27T12:00:00.000Z2018-08-27T12:00:00.000ZMichaelThe final score was close. I placed second as a solo competitor (CWRT), losing to a team of 4. I had the opportunity to attend the BSides Portland event this year and I had a great time. There were some great talks this year and I feel like…Parrot OS on Windows Subsystem for Linux (WSL)https://exploits.run/parrot-wsl/2018-05-22T12:00:00.000Z2018-05-22T12:00:00.000ZMichaelDue to Parrot no longer actively maintaining the Github repo for this install script, I have ported it to a gist on my own account. I am now working to actively maintain it to ensure it continues working. As of Jan 13, 2020, it appears that…Nmap In The Windows Subsystem for Linux (WSL)https://exploits.run/nmap-wsl/2018-05-21T12:00:00.000Z2018-05-21T12:00:00.000ZMichael# TL;DR: Use an alias on the WSL side to call to the Windows side. Ever since the release of the Windows Subsystem for Linux, a years long unfulfilled hope of using Nmap in this wonderful environment still lingers. If you run: sudo apt-inst…Tales of a Man Flippant With His Data (Facebook)https://exploits.run/data-facebook/2018-04-21T12:00:00.000Z2018-04-21T12:00:00.000ZMichaelThis is post 2 of 2 in a series on data collection. You can view post one here . # IP ADDRESSES GALORE Unless I’m mistaken, and I very well may be, it appears that Facebook does far more IP logging than Google did (at least from what was av…Tales of a Man Flippant With His Data (Google)https://exploits.run/data-google/2018-04-03T12:00:00.000Z2018-04-03T12:00:00.000ZMichaelThis is post 1 of 2 in a series on data collection. You can view post two here . Recently, I decided to download my Google and Facebook data archives containing all the information they had on me. I have had a Google account since 2006 and…