Mike Gualtieri's posts on cybersecurity, Linux, Open Source Software, and electronics.https://www.mike-gualtieri.com/enCopyright © 2026 Mike GualtieriMike GualtieriMike GualtieriSat, 11 Apr 2026 00:44:25 GMTAstro RSShttps://www.rssboard.org/rss-specification60https://www.mike-gualtieri.com/posts/2022-conference-talks/https://www.mike-gualtieri.com/posts/2022-conference-talks/In 2022 I was honored to present at the SANS Pen Test HackFest Summit. Here is a recording shared of the event.Fri, 06 Jan 2023 00:00:00 GMThttps://www.mike-gualtieri.com/posts/attachments/youtube-cover.jpgsecurityconference talkinfoseccybersecuritypurple teamMike Gualtierihttps://www.mike-gualtieri.com/posts/2021-conference-talks/https://www.mike-gualtieri.com/posts/2021-conference-talks/I was fortunate to have been invited to present at two conferences in 2021! Here are recordings shared online for each event.Tue, 04 Jan 2022 00:00:00 GMThttps://www.mike-gualtieri.com/posts/attachments/youtube-cover.jpgsecurityconference talkinfoseccybersecuritypurple teamoffensivesecurityMike Gualtierihttps://www.mike-gualtieri.com/posts/purple-team-tactics-simulating-supply-chain-attacks-with-dll-hijacking/https://www.mike-gualtieri.com/posts/purple-team-tactics-simulating-supply-chain-attacks-with-dll-hijacking/This post details a method of creating a realistic synthetic supply chain attack, which can be conducted as part of a Purple Team exercise, using DLL hijacking to inject synthetic malware into an application.Tue, 25 May 2021 00:00:00 GMThttps://www.mike-gualtieri.com/posts/attachments/purple-team-dll-hijack-card.pngpurple teamadversarial emulationsupply chain hackMike Gualtierihttps://www.mike-gualtieri.com/posts/2020-conference-talks/https://www.mike-gualtieri.com/posts/2020-conference-talks/I was fortunate to have been invited to present two conference talks in 2020, and even better each talk was recorded and shared online by the event! Here are the shared recordings.Sat, 22 May 2021 00:00:00 GMThttps://www.mike-gualtieri.com/posts/attachments/youtube-cover.jpgsecurityinfosecconference talkMike Gualtierihttps://www.mike-gualtieri.com/posts/live-off-the-land-and-crack-the-ntlmssp-protocol/https://www.mike-gualtieri.com/posts/live-off-the-land-and-crack-the-ntlmssp-protocol/Live Off the Land in Windows and intercept NTLMv2 hashes! A new tool NTLMRawUnHide is introduced to extract NTLMv2 hashes from raw packet traces, and we learn more about the NTLMSSP protocol.Fri, 26 Jun 2020 00:00:00 GMThttps://www.mike-gualtieri.com/posts/attachments/NTLMRawUnHide-card.pnghackingsecuritypenetration testingtoolNTLMv2NTLMSSPMike Gualtierihttps://www.mike-gualtieri.com/posts/red-team-tradecraft-loading-encrypted-c-sharp-assemblies-in-memory/https://www.mike-gualtieri.com/posts/red-team-tradecraft-loading-encrypted-c-sharp-assemblies-in-memory/This post explores creating a simple C# dropper example that loads remotely hosted encrypted assemblies in memory.Fri, 31 Jan 2020 00:00:00 GMThttps://www.mike-gualtieri.com/posts/attachments/red-team-tradecraft-c-sharp.jpgred teamc sharptradecraftMike Gualtierihttps://www.mike-gualtieri.com/posts/hooking-linux-libraries-for-post-exploitation-fun/https://www.mike-gualtieri.com/posts/hooking-linux-libraries-for-post-exploitation-fun/Explore Linux shared library hooking and process injection techniques using LD_PRELOAD to intercept passwords from htpasswd and PHP applications in memory.Mon, 13 Jan 2020 00:00:00 GMThttps://www.mike-gualtieri.com/posts/attachments/linux-process-injection-card.jpghackingsecurityinfoseclinuxred teamMike Gualtierihttps://www.mike-gualtieri.com/posts/finding-a-decade-old-flaw-in-gnu-mailutils/https://www.mike-gualtieri.com/posts/finding-a-decade-old-flaw-in-gnu-mailutils/I recently discovered a Linux privilege escalation flaw dating back over 10 years in GNU Mailutils, a popular package self-described as Wed, 20 Nov 2019 00:00:00 GMThttps://www.mike-gualtieri.com/posts/attachments/mailutils-privesc-card.pngsecurityinfosecvulnerability disclosureprivilege escalationlinuxMike Gualtierihttps://www.mike-gualtieri.com/posts/modifying-empire-to-evade-windows-defender/https://www.mike-gualtieri.com/posts/modifying-empire-to-evade-windows-defender/By tearing into the Empire code base, we can easily modify some key areas and bypass that pesky client-side antivirus.Tue, 26 Feb 2019 00:00:00 GMThttps://www.mike-gualtieri.com/posts/attachments/powershell-empire-av-bypass-card.pngsecurityinfosecempireantivirusevasionhackingMike Gualtierihttps://www.mike-gualtieri.com/posts/fax-vulnerability-may-have-lasting-effects-for-small-businesses/https://www.mike-gualtieri.com/posts/fax-vulnerability-may-have-lasting-effects-for-small-businesses/Vulnerabilities in the fax protocol may rear it's ugly head for some time, especially for small-to-mid sized businesses; and especially for those that handle sensitive data.Fri, 17 Aug 2018 00:00:00 GMThttps://www.mike-gualtieri.com/posts/attachments/pc-load-letter-fax.jpgsecuritysmall businessfax machinesMike Gualtierihttps://www.mike-gualtieri.com/posts/multiple-flaws-uncovered-in-pydio-8/https://www.mike-gualtieri.com/posts/multiple-flaws-uncovered-in-pydio-8/Security research uncovering multiple vulnerabilities in Pydio 8, including XSS, SSRF, and Remote Code Execution flaws. CVE-2018-1999016, CVE-2018-1999017, CVE-2018-1999018.Mon, 23 Jul 2018 00:00:00 GMTvulnerability disclosurepydiosecurityweb securityMike Gualtierihttps://www.mike-gualtieri.com/posts/s3-buckets-now-with-both-leak-and-fill-vulnerability/https://www.mike-gualtieri.com/posts/s3-buckets-now-with-both-leak-and-fill-vulnerability/Earlier this week I had the privilege of providing insight for a Bleeping Computer article about the impending time-bomb that is world-writable Amazon S3 buckets.Fri, 23 Feb 2018 00:00:00 GMThttps://www.mike-gualtieri.com/posts/attachments/leaky-bucket-band-aid.jpgsecuritys3ransomwarecryptojackingMike Gualtierihttps://www.mike-gualtieri.com/posts/stealing-data-with-css-attack-and-defense/https://www.mike-gualtieri.com/posts/stealing-data-with-css-attack-and-defense/A method is detailed, dubbed CSS Exfil, which can be used to steal targeted data using Cascading Style Sheets (CSS) as an attack vector.Tue, 06 Feb 2018 00:00:00 GMThttps://www.mike-gualtieri.com/posts/attachments/css-exfil-header.pngCSS Exfilexploitweb securityMike Gualtierihttps://www.mike-gualtieri.com/posts/model-radio-tower-using-555-timer-and-lego-bricks/https://www.mike-gualtieri.com/posts/model-radio-tower-using-555-timer-and-lego-bricks/Sometimes basic analog circuits are the best choice. This project uses a 555 timer to pulse lights on a model Lego radio antenna.Thu, 21 Dec 2017 00:00:00 GMThttps://www.mike-gualtieri.com/posts/attachments/IMG_20171218_222246_901.jpgelectronicsmake555 timerlegoradioantennaMike Gualtierihttps://www.mike-gualtieri.com/posts/move-over-s3-open-directory-indexes-continue-to-be-a-problem/https://www.mike-gualtieri.com/posts/move-over-s3-open-directory-indexes-continue-to-be-a-problem/Analysis of publicly accessible web server directories containing sensitive data, showing millions of exposed files indexed on Google beyond just S3 bucket misconfigurations.Tue, 12 Dec 2017 00:00:00 GMThttps://www.mike-gualtieri.com/posts/attachments/opendir-header.pngsecurityinfoseccybersecurityowaspremote vulnerabilitys3Mike Gualtierihttps://www.mike-gualtieri.com/posts/001-xterm-can-talk-amazon-delivery/https://www.mike-gualtieri.com/posts/001-xterm-can-talk-amazon-delivery/A tech-themed cartoon exploring the humorous side of smart home technology and Amazon's delivery ecosystem.Thu, 30 Nov 2017 00:00:00 GMTcartoonamazonechoMike Gualtierihttps://www.mike-gualtieri.com/posts/security-researchers-lose-a-favorite-dns-recon-tool-jan-2018/https://www.mike-gualtieri.com/posts/security-researchers-lose-a-favorite-dns-recon-tool-jan-2018/Scammers can now conceal their campaigns by utilizing a wildcard certificate, so the phishing sub-domain does not appear in the Certificate Transparency project.Thu, 16 Nov 2017 00:00:00 GMTinfoseccybersecuritycertificate transparencyletsencryptphishingMike Gualtierihttps://www.mike-gualtieri.com/posts/krack-how-to-protect-yourself-on-a-flawed-network/https://www.mike-gualtieri.com/posts/krack-how-to-protect-yourself-on-a-flawed-network/KRACK underscores an important lesson. You can't trust your network. As soon as a packet leaves your computer or smartphone, assume always that it's being sniffed and manipulated.Wed, 18 Oct 2017 00:00:00 GMTsecurityhackingkrackwpa2Mike Gualtierihttps://www.mike-gualtieri.com/posts/ios-credential-phishing-flaw-not-limited-to-malicious-apps/https://www.mike-gualtieri.com/posts/ios-credential-phishing-flaw-not-limited-to-malicious-apps/While this isn't necessarily a direct flaw within iOS, the attack vector is subtle and I bet would fool many people.Tue, 10 Oct 2017 00:00:00 GMTsecurityhackingphishingMike Gualtierihttps://www.mike-gualtieri.com/posts/equifax-sec-and-now-deloitte-organizations-must-employ-offensive-security/https://www.mike-gualtieri.com/posts/equifax-sec-and-now-deloitte-organizations-must-employ-offensive-security/Offensive security is a school of thought, where a proactive approach is taken to computer security. While defensive measures are essential, an offensive security approach focuses on penetration testing and thinking like an attacker, with a goal of finding weaknesses in your own organization's systems and software.Tue, 26 Sep 2017 00:00:00 GMTsecurityhackinginfosecoffensivesecurityMike Gualtierihttps://www.mike-gualtieri.com/posts/equifax-redux-part-one-assume-you-are-already-compromised/https://www.mike-gualtieri.com/posts/equifax-redux-part-one-assume-you-are-already-compromised/I'm not going to speculate why a software package went unpatched.  It should have been patched - and swiftly - but what if the flaw was a so-called 0-day exploit without a patch?  Would Equifax still be held liable for such a massive breach?  The answer should be a resounding yes!Thu, 21 Sep 2017 00:00:00 GMTsecurityhackinginfosecMike Gualtierihttps://www.mike-gualtieri.com/posts/chaining-remote-web-vulnerabilities-to-abuse-lets-encrypt/https://www.mike-gualtieri.com/posts/chaining-remote-web-vulnerabilities-to-abuse-lets-encrypt/Recently I started playing around with the ACME validation routine Let's Encrypt uses to verify domain ownership, suspecting that it may be abused to issue an SSL certificate to an attacker.Thu, 31 Aug 2017 00:00:00 GMTsecurityhackingremote vulnerabilitysslletsencryptMike Gualtierihttps://www.mike-gualtieri.com/posts/build-a-raspberry-pi-powered-arcade-machine/https://www.mike-gualtieri.com/posts/build-a-raspberry-pi-powered-arcade-machine/Complete guide to building a retro arcade machine powered by Raspberry Pi with MAME, including hardware setup, GPIO controls, and custom software configuration.Thu, 13 Feb 2014 00:00:00 GMTraspberry piarcademakeelectronicsMike Gualtierihttps://www.mike-gualtieri.com/posts/arduino-word-clock/https://www.mike-gualtieri.com/posts/arduino-word-clock/Complete tutorial for building an Arduino word clock that displays time as sentences using LEDs, shift registers, and a real-time clock module.Tue, 24 Dec 2013 00:00:00 GMTarduinoelectronicsclockRTCshift registersMike Gualtierihttps://www.mike-gualtieri.com/posts/new-website-makerf/https://www.mike-gualtieri.com/posts/new-website-makerf/If you are interested in radio and hobby electronics be sure to check out my new website makeRF.com!Mon, 17 Jun 2013 00:00:00 GMTamateur radioelectronicsmakeDIYmakeRFMike Gualtierihttps://www.mike-gualtieri.com/posts/hacking-my-house-1-5-when-lightning-rings/https://www.mike-gualtieri.com/posts/hacking-my-house-1-5-when-lightning-rings/How I fixed my Arduino doorbell that randomly rang during thunderstorms by adding a simple filter circuit to eliminate electrical noise from lightning and appliances.Wed, 22 May 2013 00:00:00 GMTarduinocircuitselectronicsdoorbellschematicfilterMike Gualtierihttps://www.mike-gualtieri.com/posts/hacking-my-house-1-building-a-musical-arduino-doorbell/https://www.mike-gualtieri.com/posts/hacking-my-house-1-building-a-musical-arduino-doorbell/Building a custom Arduino doorbell that plays music using PWM, featuring circuit schematics, code, and an LM386 amplifier to replace boring ding-dong chimes.Wed, 27 Mar 2013 00:00:00 GMTarduinocircuitselectronicsdoorbellschematiclm386Mike Gualtierihttps://www.mike-gualtieri.com/posts/moving-your-landline-to-google-voice/https://www.mike-gualtieri.com/posts/moving-your-landline-to-google-voice/A step-by-step guide to porting your landline phone number to Google Voice using a prepaid cell phone as an intermediary.Wed, 13 Jun 2012 00:00:00 GMTgoogle voiceland linenumber portingMike Gualtierihttps://www.mike-gualtieri.com/posts/in-memoriam-steve-jobs/https://www.mike-gualtieri.com/posts/in-memoriam-steve-jobs/Remembering Steve Jobs and his legacy of design excellence, including the story of how rounded corners made their way into software.Wed, 05 Oct 2011 00:00:00 GMTSteve Jobsrounded cornersMike Gualtierihttps://www.mike-gualtieri.com/posts/facebook-facial-recognition-tool-is-good-for-online-privacy/https://www.mike-gualtieri.com/posts/facebook-facial-recognition-tool-is-good-for-online-privacy/The scary part about Facebook is the part I'm not in control of, my Facebook Friends. Unfortunately, there is little I can do when friends share my personal information or pictures online.Fri, 10 Jun 2011 00:00:00 GMTfacebookprivacyMike Gualtierihttps://www.mike-gualtieri.com/posts/android-could-overtake-windows-in-2016/https://www.mike-gualtieri.com/posts/android-could-overtake-windows-in-2016/This model looks a bit more realistic, with total smartphone and PC sales in 2016 looking reasonable. 2016 is also the year where Android could surpass the Windows PC.Thu, 03 Feb 2011 00:00:00 GMTandroidwindowslinuxmobileOS warsmartphonetabletsfutureMike Gualtierihttps://www.mike-gualtieri.com/posts/the-path-to-ubiquitous-desktop-linux/https://www.mike-gualtieri.com/posts/the-path-to-ubiquitous-desktop-linux/Envisioning a future where smartphones and tablets running Linux replace traditional desktop computers by interfacing with dumb terminals at work and home.Wed, 12 Jan 2011 00:00:00 GMTlinuxdesktop linuxandroidtabletssmartphoneOS warfutureMike Gualtierihttps://www.mike-gualtieri.com/posts/oh-no-papa-smurf/https://www.mike-gualtieri.com/posts/oh-no-papa-smurf/ The problem with devices like the iPad is the same problem with the PC. They aren't designed for children, which can lead to usage issues.Fri, 17 Dec 2010 00:00:00 GMTiPadiPhoneandroidkidsUXparental controlstabletsMike Gualtierihttps://www.mike-gualtieri.com/posts/windows-phone-7-terrible-ux/https://www.mike-gualtieri.com/posts/windows-phone-7-terrible-ux/A critical look at Windows Phone 7's poor user experience design, including cut-off text, inefficient screen usage, and excessive swiping requirements.Fri, 15 Oct 2010 00:00:00 GMTmicrosoftwindows mobilewindows phone 7UXMike Gualtierihttps://www.mike-gualtieri.com/posts/open-marketplace-is-not-open-source/https://www.mike-gualtieri.com/posts/open-marketplace-is-not-open-source/Clarifying the difference between Android's open marketplace and open source software, and why security concerns about Android stem from closed source apps, not the OS itself.Wed, 06 Oct 2010 00:00:00 GMTandroidsecurityopen source softwareapp storeMike Gualtierihttps://www.mike-gualtieri.com/posts/rockmite-qrp-rig/https://www.mike-gualtieri.com/posts/rockmite-qrp-rig/The Rockmite is a low power (QRP) shortwave transceiver (combination receiver and transmitter) that can send morse code (CW) on a variety of frequencies.Wed, 15 Sep 2010 00:00:00 GMTham radioshortwave radioamateur radiorockmitetransceiverCWaltoidselectronicsMike Gualtierihttps://www.mike-gualtieri.com/posts/what-the-lag-youtube/https://www.mike-gualtieri.com/posts/what-the-lag-youtube/Am I the only person in the world who is unsatisfied with the major lag while playing YouTube video's this past week?Fri, 10 Sep 2010 00:00:00 GMTyoutubenet neutralitylagMike Gualtierihttps://www.mike-gualtieri.com/posts/browser-focus-on-usability/https://www.mike-gualtieri.com/posts/browser-focus-on-usability/If browsers standardized on one rendering engine, engineers could pour their innovations into one experience that is fast and renders exactly the same on all screens.Wed, 18 Aug 2010 00:00:00 GMTbrowserschromefirefoxmozillawebkitgeckorendering enginesMike Gualtierihttps://www.mike-gualtieri.com/posts/android-iphone-oss-code-review/https://www.mike-gualtieri.com/posts/android-iphone-oss-code-review/ Android, iPhone, and Open Source Code Review - Summer is the season for security conferences, and one hot topic making news is the (in)security of smartphones.Wed, 11 Aug 2010 00:00:00 GMTandroidiPhonesecurityopen source softwaretrojanssmartphoneMike Gualtierihttps://www.mike-gualtieri.com/posts/fvwm/https://www.mike-gualtieri.com/posts/fvwm/A highly customizable FVWM window manager configuration for Linux, built for power users seeking ultimate desktop configurability.Sat, 07 Aug 2010 00:00:00 GMTfvwmlinuxdesktopMike Gualtierihttps://www.mike-gualtieri.com/posts/linux-screenshots/https://www.mike-gualtieri.com/posts/linux-screenshots/A visual journey through the evolution of Linux desktop environments from KDE in 2001 to modern configurations, showcasing the customization possibilities.Sat, 07 Aug 2010 00:00:00 GMTLinuxdesktopscreenshotsMike Gualtierihttps://www.mike-gualtieri.com/posts/kiddix/https://www.mike-gualtieri.com/posts/kiddix/A family-friendly Linux-based operating system designed specifically for children, providing a safe, friendly, and fun computing environment.Sat, 07 Aug 2010 00:00:00 GMTKiddixLinuxkidsMike Gualtierihttps://www.mike-gualtieri.com/posts/splitsplat/https://www.mike-gualtieri.com/posts/splitsplat/An iPhone game developed in 2009 featuring a pigeon controlled by accelerometer, created during the iPhone app gold rush era.Sat, 07 Aug 2010 00:00:00 GMTSplit SplatiPhonegameMike Gualtierihttps://www.mike-gualtieri.com/posts/welcome-to-my-updated-homepage/https://www.mike-gualtieri.com/posts/welcome-to-my-updated-homepage/Mike Gualtieri: Homepage - Welcome To My Updated Homepage! I finally found some time to redesign my personal homepage, which has been in desperate need of an update.Fri, 06 Aug 2010 00:00:00 GMTmike gualtierihomepageMike Gualtieri