Learn
Sony SIRC Protocol: How Sony Remotes Work
Sony SIRC uses pulse-width encoding and a 40kHz carrier - different from NEC in important ways. Here's the full breakdown of 12-bit, 15-bit, and 20-bit SIRC variants.
Sony SIRC Protocol: How Sony Remotes Work
Sony SIRC uses pulse-width encoding and a 40kHz carrier - different from NEC in important ways. Here's the full breakdown of 12-bit, 15-bit, and 20-bit SIRC variants.
Wireless Security Auditing: A Checklist for IT ...
A practical wireless security audit checklist for IT teams - covering WPA3, PMF, WPS, rogue AP detection, and guest network isolation.
Wireless Security Auditing: A Checklist for IT ...
A practical wireless security audit checklist for IT teams - covering WPA3, PMF, WPS, rogue AP detection, and guest network isolation.
How ESP-NOW Works: The Protocol Powering BLESha...
ESP-NOW is Espressif's connectionless WiFi protocol - no association, no TCP/IP, MAC-to-MAC at up to 250m range. Here's how it works under the hood.
How ESP-NOW Works: The Protocol Powering BLESha...
ESP-NOW is Espressif's connectionless WiFi protocol - no association, no TCP/IP, MAC-to-MAC at up to 250m range. Here's how it works under the hood.
The NEC IR Protocol: How Most TV Remotes Send C...
NEC is the most common IR remote protocol. Here's how it encodes commands using pulse-distance modulation, with exact bit timings and frame structure.
The NEC IR Protocol: How Most TV Remotes Send C...
NEC is the most common IR remote protocol. Here's how it encodes commands using pulse-distance modulation, with exact bit timings and frame structure.
Windows BLE Spam: Why Windows Laptops Are Vulne...
Windows Swift Pair turns BLE advertisements into desktop popups. Here's how it works, why it can be triggered by spoofed packets, and how to disable it.
Windows BLE Spam: Why Windows Laptops Are Vulne...
Windows Swift Pair turns BLE advertisements into desktop popups. Here's how it works, why it can be triggered by spoofed packets, and how to disable it.
Bug Bounty Programs: How Companies Pay You to H...
Bug bounty programs pay researchers to find and report vulnerabilities. Here's how they work, what pays well, and how to get started.
Bug Bounty Programs: How Companies Pay You to H...
Bug bounty programs pay researchers to find and report vulnerabilities. Here's how they work, what pays well, and how to get started.
Bluetooth Frequency Hopping: How Classic Blueto...
Classic Bluetooth hops across 79 channels 1,600 times per second. BLE uses just 40 channels. Here's how the two approaches differ and why it matters.
Bluetooth Frequency Hopping: How Classic Blueto...
Classic Bluetooth hops across 79 channels 1,600 times per second. BLE uses just 40 channels. Here's how the two approaches differ and why it matters.
Using BLEShark Nano as a Presentation Controller
The BLEShark Nano works as a Bluetooth presentation clicker using its Mini Keypad and Media Controls apps. Here's the setup and what it can do that a standard clicker can't.
Using BLEShark Nano as a Presentation Controller
The BLEShark Nano works as a Bluetooth presentation clicker using its Mini Keypad and Media Controls apps. Here's the setup and what it can do that a standard clicker can't.
BLE Scanning: How to See What's Broadcasting Ar...
Every BLE device around you is broadcasting. Here's what passive scanning reveals, what each field means, and why it matters for privacy and security.
BLE Scanning: How to See What's Broadcasting Ar...
Every BLE device around you is broadcasting. Here's what passive scanning reveals, what each field means, and why it matters for privacy and security.
What Is Credential Harvesting? How Attackers Ca...
Credential harvesting is how attackers collect login data at scale. Here's how it works, what tools simulate it, and how to defend against it.
What Is Credential Harvesting? How Attackers Ca...
Credential harvesting is how attackers collect login data at scale. Here's how it works, what tools simulate it, and how to defend against it.
PC Monitor Over BLE: Checking Your Computer Sta...
The BLEShark Nano's PC Monitor app displays live CPU, GPU, RAM, and temperature stats on its OLED. Here's how the BLE data pipeline works and when it's useful.
PC Monitor Over BLE: Checking Your Computer Sta...
The BLEShark Nano's PC Monitor app displays live CPU, GPU, RAM, and temperature stats on its OLED. Here's how the BLE data pipeline works and when it's useful.
What Is 802.1X Enterprise WiFi? Why It's Harder...
802.1X replaces a shared password with per-user certificates and a RADIUS server. Here's how it works and what it means for security testing.
What Is 802.1X Enterprise WiFi? Why It's Harder...
802.1X replaces a shared password with per-user certificates and a RADIUS server. Here's how it works and what it means for security testing.
Network Segmentation: Why Flat Networks Are a S...
A flat network puts every device on the same broadcast domain. One compromised device can reach everything. Here's how segmentation fixes that.
Network Segmentation: Why Flat Networks Are a S...
A flat network puts every device on the same broadcast domain. One compromised device can reach everything. Here's how segmentation fixes that.
Replay Attacks: What They Are and Why Time-Base...
A replay attack captures a valid authentication and re-submits it later. No decryption required. Here's why nonces, timestamps, and TOTP exist to prevent exactly this.
Replay Attacks: What They Are and Why Time-Base...
A replay attack captures a valid authentication and re-submits it later. No decryption required. Here's why nonces, timestamps, and TOTP exist to prevent exactly this.
Man-in-the-Middle Attacks: How They Work and Ho...
A MITM attacker sits between you and the service you think you're talking to. Here's how ARP poisoning, SSL stripping, and rogue APs create that position - and how to...
Man-in-the-Middle Attacks: How They Work and Ho...
A MITM attacker sits between you and the service you think you're talking to. Here's how ARP poisoning, SSL stripping, and rogue APs create that position - and how to...
Samsung Fast Pair: How It Works and Why It's Vu...
Samsung and Google Fast Pair use BLE advertisements to trigger pairing popups on Android. Here's how the protocol works and why it has no spam protection.
Samsung Fast Pair: How It Works and Why It's Vu...
Samsung and Google Fast Pair use BLE advertisements to trigger pairing popups on Android. Here's how the protocol works and why it has no spam protection.
Passive vs Active Reconnaissance: What's the Di...
Passive recon leaves no traces on the target. Active recon does. Here's the practical difference, the detection risk of each, and when you'd choose one over the other.
Passive vs Active Reconnaissance: What's the Di...
Passive recon leaves no traces on the target. Active recon does. Here's the practical difference, the detection risk of each, and when you'd choose one over the other.
How the BLEShark Nano Mini Keypad Works: Macros...
The BLEShark Nano's Mini Keypad app turns its three physical buttons into programmable Bluetooth macro keys. Here's how it works and how to configure it.
How the BLEShark Nano Mini Keypad Works: Macros...
The BLEShark Nano's Mini Keypad app turns its three physical buttons into programmable Bluetooth macro keys. Here's how it works and how to configure it.
Apple Nearby Actions: The Protocol Behind iOS B...
How Apple's Continuity Protocol uses BLE advertisements to trigger iOS popups - and why any device can fake them.
Apple Nearby Actions: The Protocol Behind iOS B...
How Apple's Continuity Protocol uses BLE advertisements to trigger iOS popups - and why any device can fake them.
Classic Bluetooth vs BLE: What's Actually Diffe...
Classic Bluetooth (BR/EDR) and BLE share a name and frequency band but are fundamentally different protocols. Here's what separates them - and why security tools focus on BLE.
Classic Bluetooth vs BLE: What's Actually Diffe...
Classic Bluetooth (BR/EDR) and BLE share a name and frequency band but are fundamentally different protocols. Here's what separates them - and why security tools focus on BLE.
What's in a BLEShark Nano Firmware Update? How ...
Where BLEShark changelogs live, how to read them, how to check your current firmware version, and how to trigger an OTA update.
What's in a BLEShark Nano Firmware Update? How ...
Where BLEShark changelogs live, how to read them, how to check your current firmware version, and how to trigger an OTA update.
What Is OSINT? Open Source Intelligence for Sec...
OSINT is intelligence gathered from public sources - DNS, social media, Shodan, job postings. Here's what it is, how it fits into security research, and the legal boundaries.
What Is OSINT? Open Source Intelligence for Sec...
OSINT is intelligence gathered from public sources - DNS, social media, Shodan, job postings. Here's what it is, how it fits into security research, and the legal boundaries.
Social Engineering 101: Why Humans Are the Weak...
Technical controls don't stop social engineering attacks. Here's the taxonomy of attack types, why they work, and what security awareness training actually addresses.
Social Engineering 101: Why Humans Are the Weak...
Technical controls don't stop social engineering attacks. Here's the taxonomy of attack types, why they work, and what security awareness training actually addresses.
The CIA Triad: Confidentiality, Integrity, and ...
Confidentiality, Integrity, Availability. Every security control exists to protect one of these. Here's what each means, with wireless attack examples for each pillar.
The CIA Triad: Confidentiality, Integrity, and ...
Confidentiality, Integrity, Availability. Every security control exists to protect one of these. Here's what each means, with wireless attack examples for each pillar.