‘A small team of A players can run circles round a giant team of B and C players’ – the late Steve Jobs

So  I decided to conduct a….. hmmmm… ‘social experiment’. I am always amazed and intrigued by the bluster put forth by ‘members’ of ‘Anonymous’.  I decided to see for myself exactly how ‘anonymous’ anonymous think they are. One of the really great things about being me is thousands of Anons follow me on twitter, because, as much as they protest, they like to keep a close eye on what I am up to at any given moment, but as we all know, the hand, in some cases, is quicker than the eye right? I can use this fact to my advantage.

With Twitter, whether I am following someone or not, if they are following me I can Direct Message them.

So I coded-up a really quick and dirty Twitter App that went through my 56,000 followers and picked out 250 random followers that had the letters ‘anon’ in their twitter handle, it just looped through until it reached the API limit. Upon finding a ‘mark’ it then ran off to Project Looking Glass and generated a unique URL very similar to this one:

Shark in the Water

Posted: 1st November 2012 by th3j35t3r in General, Hacker Tracker
Tags:

‘Yes I do irritate career trolls, but what’s their point?’ – Unknown

Hey all. Sorry it’s me again. But you chose to come read me so your bad, not mine. I have been taking a ‘little’ flak over PLG. Some folks say it doesn’t exist, some say it is a photoshopped mock up, some say I plagarized BeEf even though I credited the fine work of Spiderlabs and the original project in my original PLG post. So here’s a thing, open source right? We can all use it, branch it and fork it.

But still they question, still they claim the ‘photoshop’ claim etc etc. …..Boring, unsubstantiated, oh and did I mention…boring again.

Well I decided to ‘deliver’ for all to see.

I am often asked what tools I am packing in my battle chest. So I have decided to do a series, starting with OSINT tools that are openly available to everyone. Obviously there are ‘other’ proprietary tools I use and I won’t be discussing those, so with respect to you all, please don’t ask me ;-)

Open-source intelligence (OSINT) is intelligence collected from publicly available sources. In the intelligence community, the term “open” refers to overt, publicly available sources (as opposed to covert or clandestine sources); it is not related to open-source software or public intelligence.

OSINT is defined by both the U.S. Director of National Intelligence and the U.S. Department of Defense, as “produced from publicly available information that is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement.”

Here’s just five freely available OSINT tools and resources in no particular order, each one excels in different aspects of OSINT collection and collation.

“Have the passion, bake cupcakes & magic will happen.” @CupcakeQuotes

Well it’s upon us again folks. Yes Columbus Day has rolled round upon us again and it’s about this time of year I like to step into the kitchen and cause me some carnage. I thought I would share my special spiced cupcake recipe with you guys ;-)

Self-contained and satisfying, it summons memories of childhood even as it’s updated for today’s sweet-toothed hipsters (chai latte cupcake, anyone?) The best thing is you don’t have to share — it’s strictly a one-person affair, thank you very much.

For those of you joining us today from the Arabic speaking world there’s a handy version of this yummy recipe here somewhere, have a yourselves a good rummage.

‘One need not destroy one’s enemy. One need only destroy his willingness to engage.’ – Sun Tzu

When I post links to news articles via my twitter, I often get asked about a previous operation I conducted in March 2011. The op in question has been reported on by numerous 3rd parties, but I have never openly mentioned it. So folks, understand that unless there is a ‘watermark’ or ‘other identifying feature’ inside a news article I link to – it is genuine straight from the source site.

If you are not quite sure WTF I am talking about, here’s what Mr Anthony M Freed had to say about it at the time.

This portion of this post is cross-posted from InfosecIsland.com

Jihadist Webmaster Tactic – Play Dead

Posted: 27th September 2012 by th3j35t3r in General
Tags: , , ,

‘Cowards die many times before their deaths, the valiant taste death but once’ – Julius Caesar

During my early recon stages, while I am determining whether or not a site is a ‘valid target’ as opposed to just a benign Muslim interest site, I have begun to notice some strange behavior. It’s not  a new tactic, but it’s spreading within their circles.

Basically the website administrators, one way or another are trying to make it appear as though their site is either already down, or is of no interest to people like me.

Essentially, they are ‘playing dead’.

Anonymous/Qassam Pay-Per-Minute DDoS

Posted: 27th September 2012 by th3j35t3r in General, Hacker Tracker
Tags: , , ,

‘Collective fear stimulates herd instinct, and tends to produce ferocity toward those who are not regarded as members of the herd.’ – Bertrand Russell

So here’s the thing. Some of you may have seen that I have been sitting a-top of Anonymous Official IRC channel today. Actually I been hanging there for a while like about 2 years give or take (because mostly they are bored shit-talkers). Well during that time I found out a few things. Things that will be dismissed with the usual ‘Anyone can be anon’ crap, as an excuse to hide, because that mask they wear, they wear to do just that…. hide… they hide behind each other. No honor. No never leave a fallen man behind mantra. As soon as it suits them they will claim that mask, ‘it wasn’t me – he did it, it’s not my mask, it’s anyones’

Well let me break it down just one more time…..

I know I mentioned this before because I was there when I mentioned it. Onward….

Digital Asymmetric Warfare: Is It Possible?

Posted: 25th September 2012 by th3j35t3r in General
Tags: ,

Cross-Posted from SOFREP.com << Comments enabled here.

Sophisticated and complex to implement, long-term cyber attacks are often considered the work of intelligence agencies and crime syndicates. However, the oversight and bureaucracy that comes from such management often hinders the ultimate lethality of the attack.

In the paper below, by Major TJ O’Connor, we will examine the significant impact of a lone-wolf patriot hacker has had over the course of the last two years, and what important lessons we can learn from him on how to wage a successful fight in this domain.

We will highlight the relatively successful patriot hacking campaign of The Jester.

‘I won’t belong to any organization that would have me as a member.’ – Groucho Marx

Well….. WTF? …….And I say that with my angry tongue embedded hard into my cheek – because who didn’t see this coming.For those wondering what I refer to, it’s the MURDER of Mr Christopher Stevens, whilst he stood at his post and attempted to help his Embassy staff.

I know right? We know all the conjecture, and hearsay…. Mr Stevens was consumed by fumes, the Marines and other Contractors had a particularly ‘sketchy’ ROE that involved them having no live ammo,  SEAL’s there on the ground positioned to do exactly what they do, and they did to full effect, as SEAL’s do… but….. lets concentrate just for a minute..

Rumors of My Early 'Retirement' Are Exaggerated

Posted: 10th July 2012 by th3j35t3r in General

‘The quieter you are the more you can hear.’ – Backtrack Strapline.

Interesting 36 hours. Firstly, for my supporters, sorry for the delay, sometimes, as we have seen before with me, I choose to wait and watch the field before I react to the more bizzaro events. For those who don’t already know, apparently *I* have been ‘hacked’ including *my* social networking and bank accounts. These claims are incorrect. I will, however admit that a rather nice ‘sideways hack’ was deployed against my twitter. Aside from that no breaches or  relevant information, ‘personal’ or otherwise has come out of this episode and my position remains uncompromised.

All is well in JesterLand and here’s why……

The email account hacked was abandoned and sanitized 2 years ago and is one of many that are out there. They exist for a reason. Historical is credible. None contain anything of value. The accounts subsequently ‘hacked’ through information found within are not *my* accounts – they are accounts, information and disinformation of the persona, not the person. They are rigged to have service messages from decoy accounts and services delivered to them long after abandonment. Does anyone actually think I would be stupid enough to leave or allow a single shred of relevant real-world information, even in ‘conversation’ that pertained to the actual me?