Robin Bradshaw

@[email protected]
145 Followers
312 Following
494 Posts
Cybersecurity and hardware hacking
bloghttps://en4rab.github.io/
lolhttps://gogle-analytics.com/
lmaohttps://gogleapis.com/
Emptyhttps://www.en4rab.co.uk/
Robin BradshawMay 19
BrianKrebsMay 18

New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.

https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/

Robin BradshawMay 13
Since nobody asked here is an x-ray of a Third Millenium RX490/OSDP access control reader to brighten up your wednesday evening.
Featuring an unusual angled leadframe on the top chip and what looks to be an IR tamper sensor to the right of it.
https://www.tm-readers.com/rx4-rfid_card_reader.htm
Robin BradshawApr 22
sleepy duck pond appreciator ๐Ÿฆ†โœจ๐Ÿณ๏ธโ€๐ŸŒˆApr 22
Robin BradshawMar 22
ScarletMar 22
โ€œShazam for Batsโ€ is absolutely sending me.
Robin BradshawMar 16
Koen van HoveMar 15
I just managed to make another watchface, this time (pun intended) it's always 11 AM, but the timezone changes every hour to where it's 11 AM in the world.
Robin BradshawMar 15
RMar 15

So, I recently saw some quiet discussion about a paper where researchers reverse-engineered and disclosed some attacks against PhotoDNA, the very-super-duper-secret algorithm used by tech megacorps to scan for illegal images.

They didn't make any code public, and so... I did: https://github.com/ArcaneNibble/open-alleged-photodna

A _complete_ reverse-engineering and commented Python reimplementation of the algorithm from publicly-leaked binaries.

This means that studying the algorithm and any potential flaws is now much more accessible.

This took only about two days (once I knew that there even _was_ a leaked binary to compare against), which just goes to again show that security through obscurity never works.

๐Ÿ” encouraged

GitHub - ArcaneNibble/open-alleged-photodna: because research belongs to _everybody_

because research belongs to _everybody_. Contribute to ArcaneNibble/open-alleged-photodna development by creating an account on GitHub.

GitHub
Show threadRobin BradshawMar 7
To celebrate this I made a short video demonstrating the issue. It has been fixed so if you are using this system make sure you have updated to the latest version.
https://www.youtube.com/watch?v=1WCKcmFfwZc
net2pwn gui final

YouTube
Robin BradshawMar 7
The BSides London videos were posted last week so the talk by my friends Kev Breen and Ben McCarthy on Paxton Net2 is now on youtube
https://www.youtube.com/watch?v=pj0pM1kSEPI
Open Sesame โ€“ All Your Doors Are Belong To Us - Kev Breen, Ben McCarthy

YouTube
Robin BradshawMar 1
It's a Saturday night and time to go wild! Here we have x-rays of an X-Horse VVDI mini rfid cloning tool and an XT72A superchip in a SOT385 package which it uses to clone tags to.
Robin BradshawFeb 28
DJ๐ŸŒžFeb 27

Does anybody know what elementary file 2FE4 contain on SIM cards? It doesn't look like it is described in any standards I've looked at, and its contents varies widely across cards. Maybe boost for reach?

#electronics #smartcards