Craig HaysAdmin of One — A Powerful Way to Highly Limit Blast RadiusOne of the most important principles of cyber security is Admin of One. By reducing the number of devices a password can manage to a…·4 min read·Jun 4, 2023----
Craig HaysinInfoSec Write-upsNmap OS Detection: Easy, Fast, and Powerful Examples [How To Guide]Nmap OS detection is a quick and powerful way to determine what operating system a remote device is running. Here’s how to use it.·4 min read·Sep 22, 2022----
Craig HaysinInfoSec Write-upsHow Hackers Use Open-Source Intelligence to Ransomware CompaniesDemonstrating with a real company how a hacker can compromise an organisation in under 2 hours using OSINT and social engineering.·8 min read·Sep 10, 2021--4--4
Craig HaysinInfoSec Write-upsHow I Bought a £240.00 Annual Subscription for Bargain £0.01I found a way to alter a premium subscription service price and bought it for a penny. This is how I did it.·4 min read·Aug 11, 2021--1--1
Craig HaysinInfoSec Write-upsPre-Account Takeover by Reversing a Weak Email Verification Token AlgorithmI spoofed access to other people’s email in order to pre-steal user accounts before they are first registered. Here’s how I did it.·7 min read·Jul 22, 2021--2--2
Craig HaysinInfoSec Write-upsCracking Encrypted Credit Card Numbers Exposed By APII found an API that exposed encrypted credit card numbers. Here’s how I cracked them to reveal the full card details.·6 min read·Jun 22, 2021--1--1
Craig HaysinInfoSec Write-upsOne Time Code Bypass With An Inverted Brute-Force Attack“We’ve sent a six-digit code to your email address. Enter it below to login.”·4 min read·Jun 18, 2021--1--1
Craig HaysinDigital DiplomacyWhy You Should Never Trust a Free Proxy ServerFree and open proxy servers promise anonymous internet access, but at what cost?·6 min read·Nov 6, 2020--1--1
Craig HaysinThe StartupHow Phishing Websites Use Captcha to Fool Browsers and PeopleEvading detection and building trust with Captcha challenges and Smishing attacks.·5 min read·Oct 30, 2020----
Craig HaysinThe StartupPhishing Email to Company Devastating Ransomware in 5 HoursHow hackers manually escalated from a malicious email to a devastating, company-wide ransomware takeover in under 5 hours.·7 min read·Oct 25, 2020----