Dominique Leroux Blog: 2020

Tuesday, September 22, 2020

Download The Unfinished Swan For PS4

CUSA00796 | PRELUDE |

Enter the surreal world of The Unfinished Swan and explore a mysterious, hidden kingdom. Your journey will be led by a runaway swan who guides you through strange levels filled with bizarre creatures. Discover the land through innovative new game mechanics such as splatting paint on a white surface to uncover your surroundings. Each level will bring new twists, challenges, and puzzles until you eventually come face-to-face with the eccentric King that built this realm.

DOWNLOAD

DIRECT LINK DOWNLOAD:

CLICK TO DOWNLOAD

GAME SIZE: 1.36 GB

Password: After 10$ payment is done

ORDER NOW

ORDER YOUR LOGO

https://www.fiverr.com/s2/b543cf7fc5

Monday, September 21, 2020

DreamForge Grav-StuG Kickstarter (Postponed To March)

The Kickstarter date is set, pending final approval from Kickstarter...

The Kickstarter will run from January 25th to February 3rd. Its going to be a short one so keep your eye on the calendar!

I will release an introduction video and try to do one to two additional videos, in a Q&A format for the questions asked during the KS, as well as a overview of why I have decided to go the direction I did and where I would like to go next.

There will be retailer/wholesaler packages available.

Please see the previous post for more details regarding this Kickstarter. More details to come...

You can track our progress, sign up for news releases and follow all new content on our web page

I hope to see you there!

Saturday, September 12, 2020

Episode 33: Foam Board, Sharp Knives And More Is Live!

Episode 33: Foam board, sharp knives and more!
https://soundcloud.com/user-989538417/episode-33-foam-board-a-sharp-knife-and-more

I talk about building terrain using humble foam board and a few simple tools.

Try Audible for FREE! https://audibletrial.com/tvwg

Freyja's Wrath KS https://www.kickstarter.com/projects/1512506318/freyjas-wrath-dark-age-and-fantasy-28mm-shieldmaid

Logan adapt-a-rule http://www.logangraphic.com/product/handheld-mat-cutters/logan-524-540-560-adapt-a-rule/

Joint illustrations
Butt joint http://www.woodworkbasics.com/image-files/168x182xbutt-joint.jpg.pagespeed.ic.mQMTHqdWBq.jpg

Mitre joint
http://www.woodworkbasics.com/image-files/171x171xmitre-joint.jpg.pagespeed.ic.Khj8quv3px.jpg

Housing joint what I incorrectly call tongue in groove in the Ep
http://www.woodworkbasics.com/image-files/170x165xhousing-joint.jpg.pagespeed.ic.9XFvhjVeOA.jpg

Rebate joint, what I call a rabbet joint in the Ep
http://www.woodworkbasics.com/image-files/166x185xrebate-joint.jpg.pagespeed.ic.TDhauqEFPJ.jpg

Pic of my space station shuttle bay partially constructed with Power Grab: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgj-lvCrxudBhLwqmVxCUvm5hiyXD1Lqp19NEb3tGb4ImEqeiB4dX0mHilJnIqzUxIRO_Eoi4stW4FrRu86EhCDHBwP08d_LqiEibvLlWMbGWg8jVQJ3qxJbJpVa0uOKeH1_48nbZKx2P2a/s1600/016_bay_newfloor.jpg

Books and games weighing down the walls and floor of a space station module: https://pbs.twimg.com/media/DQ-wTexV4AAPObR.jpg:large

A photo from the archives showing a jig made of Lego bricks to keep everything nice and square and plumb: https://pbs.twimg.com/media/DUmrlbpWsAAwL1C.jpg

World works games:
http://www.worldworksgames.com/store/

Illinois buildings: https://www2.illinois.gov/dnrhistoric/Preserve/Pages/construct_mainstreet.aspx

Other free buildings: http://www.ss42.com/pt-buildings.html

Germy's Paper Buildings - Designed with gaming in mind: http://www.germy.co.uk/fprpg.htm

Medieval building: https://pbs.twimg.com/media/DUm2bJTX4AA864r.jpg

Music courtesy of Bensound.com. Keep your town beautiful, get a haircut.

Volition, Interview With The Writers And Director

I saw Volition last September (2019) at the FilmQuest Film Festival (link to website). Volition is good. I was intrigued about the puzzle presented and the means in which the story was told kept me intrigued. It was nominated for a number of honors and Tony Dean Smith won for Best Director.

Instead of going back over the movie and telling you about it here, I am providing a link to the review I wrote for Volition (link to review).

Volition is available on Apple TV, Prime Video and other digital platforms so more people have the chance of seeing it and find themselves puzzling over the paradox presented.

This time around I had the chance to present some questions to Tony Dean Smith and Ryan W Smith, who co-wrote Volition along with Tony Dean Smith as director.

--What inspired you for the story of Volition?

TDS: I was feeling quite stuck in my life, almost resigned to the fact that maybe I could never make the movies I wanted to make. That I was a prisoner of my own perception is what allowed me to create James. He's also a prisoner of his own design and it takes a vision of his own death to finally wake him up from his pre-determined worldview. When I realized how similar James was to me, I knew I had stumbled upon a story and character that was both grounded—and personally resonant. I then went back into my drawer of ideas and pulled out a short film I had written in film school. It was about a scientist who invents a drug that makes him always early (I was always late, so… write what you know). The idea was fun but had no depth or themes of fate vs. free-will. When I took that old story and fused it with my personal feelings and with the new character in mind… Volition was essentially born. It then went through dozens and dozens of rewrites as Ryan and I continually wrestled the complex beast to the ground.

--What would you like the audience to take away from Volition?

TDS: I hope they have a good time, as the film is really fun puzzle piece mystery! I also hope the film sparks a little internal debate within them regarding the forces of fate vs. free-will in their own lives. I hope it inspires them to make whatever changes they need to. There is light on the other side of fear!

RWS: I hope audiences have fun with the cerebral puzzle of the film, leaving the screening with lots to ponder. But, even more so, I'm hoping they leave inspired by the characters and the challenging choices they make.

--Since you have come at this project as co-writers, what would you say was the biggest challenge and advantage of working with a partner?

TDS: Ryan and I will defend story above all else. We certainly come in with opinions and personal assumptions, but we're really good at digging into those feelings and pulling out the best aspects as they relate to the stories we're telling. We have very similar writing voices, but we are also different enough that the salty/sweet contrast is what makes us really work well together. A big advantage is that, as family, we have a shorthand that can't be taught. We had so many shared experiences growing up, even though we might have experienced them differently, which gives up a very strong foundation to build from.

RWS: We really push each other to be more creative. When writing solo, some mediocre ideas may slide by unnoticed. But when writing together, we question each other's choices and are forced to defend them. Not to say that mediocre ideas don't still creep in from time to time, but there's a check against them. We're challenged to make a strong choice for what works best for story. As for the biggest challenge, I'd say there's inevitably some level of complication in communication, even for us as brothers. We understand each other incredibly well, but sometimes it's just difficult to convey precisely what's in one's mind. Turning the abstract into something communicable is challenging. We do our best and tend to figure all out eventually.

-----

I recommend Volition to those who enjoy a thoughtful science fiction jaunt dealing with the perplexities associated with being caught up in time.

I'm working at keeping my material free of subscription charges by supplementing costs by being an Amazon Associate and having advertising appear. I earn a fee when people make purchases of qualified products from Amazon when they enter the site from a link on Guild Master Gaming and when people click on an ad. If you do either, thank you.

If you have a comment, suggestion, or critique please leave a comment here or send an email to guildmastergaming@gmail.com.

I have articles being published by others and you can find most of them on Guild Master Gaming on Facebookand Twitter(@GuildMstrGmng).

Friday, September 4, 2020

Urban Reign PS2 ISO For PCSX2

System Requirements

Operating System: Windows XP, Vista, Windows 7,8
Processor: Core 2 Duo 2.4 GHz
Ram: 2 GB
Graphics Card: 512 MB

Download The ISO File Here

Sunday, August 30, 2020

The OWASP Foundation Has Selected The Technical Writer For Google Season Of Docs

The OWASP Foundation has selected the technical writer for Google Season of Docs by Fabio Cerullo

The OWASP Foundation has been accepted as the organization for the Google Seasons of Docs, a project whose goals are to give technical writers an opportunity to gain experience in contributing to open source projects and to give open-source projects an opportunity to engage the technical writing community.

During the program, technical writers spend a few months working closely with an open-source community. They bring their technical writing expertise to the project's documentation, and at the same time learn about open source and new technologies.

The open-source projects work with the technical writers to improve the project's documentation and processes. Together they may choose to build a new documentation set, or redesign the existing docs, or improve and document the open-source community's contribution procedures and onboarding experience. Together, we raise public awareness of open source docs, of technical writing, and of how we can work together to the benefit of the global open source community.

After a careful review and selection process, the OWASP Foundation has picked the primary technical writer who will work along the OWASP ZAP Team for the next 3 months to create the API documentation of this flagship project.

Congratulations to Nirojan Selvanathan!

Please refer to the linked document where you could look at the deliverables and work execution plan.

https://drive.google.com/open?id=1kwxAzaqSuvWhis9Xn1VKNJTJZPM2UV20

Related articles

Mythbusters: Is An Open (Unencrypted) WiFi More Dangerous Than A WPA2-PSK? Actually, It Is Not.

Introduction

Whenever security professionals recommend the 5 most important IT security practices to average users, one of the items is usually something like: "Avoid using open Wifi" or "Always use VPN while using open WiFi" or "Avoid sensitive websites (e.g. online banking) while using open WiFI", etc.

What I think about this? It is bullshit. But let's not jump to the conclusions. Let's analyze all risks and factors here.

During the following analysis, I made two assumptions. The first one is that we are comparing public WiFi hotspots with no encryption at all (referred to as Open), and we compare this to public WiFi hotspots with WPA2-PSK (and just hope WEP died years before). The other assumption is there are people who are security-aware, and those who just don't care. They just want to browse the web, access Facebook, write e-mails, etc.

The risks

Let's discuss the different threats people face using public hotspots, compared to home/work internet usage:

1. Where the website session data is not protected with SSL/TLS (and the cookie is not protected with secure flag), attackers on the same hotspot can obtain the session data and use it in session/login credentials stealing. Typical protocols affected:

HTTP sites
HTTPS sites but unsecured cookie
FTP without encryption
IMAP/SMTP/POP3 without SSL/TLS or STARTTLS

2. Attackers can inject extra data into the HTTP traffic, which can be used for exploits, or social engineer attacks (e.g. update Flash player with our malware) – see the Dark Hotel campaign

3. Attackers can use tools like SSLStrip to keep the user's traffic on clear text HTTP and steal password/session data/personal information

4. Attackers can monitor and track user activity

5. Attackers can directly attack the user's machine (e.g. SMB service)

WPA2-PSK security

So, why is a public WPA2-PSK WiFi safer than an open WiFi? Spoiler alert: it is not!

In a generic public WPA2-PSK scenario, all users share the same password. And guess what, the whole traffic can be decrypted with the following information: SSID + shared password + information from the 4-way handshake. https://wiki.wireshark.org/HowToDecrypt802.11

If you want to see it in action, here is a nice tutorial for you

http://www.lovemytool.com/blog/2010/05/wireshark-and-tshark-decrypt-sample-capture-file-by-joke-snelders.html

Decrypted WPA2-PSK traffic

Any user having access to the same WPA2-PSK network knows this information. So they can instantly decrypt your traffic. Or the attackers can just set up an access point with the same SSID, same password, and stronger signal. And now, the attacker can instantly launch active man-in-the-middle attacks. It is a common belief (even among ITSEC experts) that WPA2-PSK is not vulnerable to this attack. I am not sure why this vulnerability was left in the protocol, if you have the answer, let me know. Edit (2015-08-03): I think the key message here is that without server authentication (e.g. via PKI), it is not possible to solve this.

Let me link here one of my previous posts here with a great skiddie tool:

http://jumpespjump.blogspot.nl/2014/04/dsploit.html

To sum up, attackers on a WPA2-PSK network can:

Decrypt all HTTP/FTP/IMAP/SMTP/POP3 passwords or other sensitive information
Can launch active attacks like SSLStrip, or modify HTTP traffic to include exploit/social engineer attacks
Can monitor/track user activity

The only difference between open and WPA2-PSK networks is that an open network can be hacked with an attacker of the skill level of 1 from 10, while the WPA2-PSK network needs and an attacker with a skill level of 1.5. That is the difference.

The real solutions

1. Website owners, service providers should deploy proper (trusted) SSL/TLS infrastructure, protect session cookies, etc. Whenever a user (or security professional) notices a problem with the quality of the service (e.g. missing SSL/TLS), the service provider has to be notified. If no change is made, it is recommended to drop the service provider and choose a more secure one. Users have to use HTTPS Everywhere plugin.

2. Protect the device against exploits by patching the software on it, use a secure browser (Chrome, IE11 + enhanced protection), disable unnecessary plugins (Java, Flash, Silverlight), or at least use it via click-to-play. Also, the use of exploit mitigations tools (EMET, HitmanPro Alert, Malwarebytes AntiExploit) and a good internet security suite is a good idea.

3. Website owners have to deploy HSTS, and optionally include their site in an HSTS preload list

4. Don't click blindly on fake downloads (like fake Flash Player updates)

5. The benefits of a VPN is usually overestimated. A VPN provider is just another provider, like the hotspot provider, or the ISP. They can do the same malicious stuff (traffic injecting, traffic monitoring, user tracking). Especially when people use free VPNs. And "Average Joe" will choose a free VPN. Also, VPN connections tend to be disconnected, and almost none of the VPN providers provide fail secure VPNs. Also, for the price of a good VPN service you can buy a good data plan and use 4G/3G instead of low-quality public hotspots. But besides this, on mobile OSes (Android, iOS, etc.) I strongly recommend the use of VPN, because it is not practically feasible to know for users which app is using SSL/TLS and which is not.

6. Use a location-aware firewall, and whenever the network is not trusted, set it to a Public.

7. In a small-business/home environment, buy a WiFi router with guest WiFi access possibility, where the different passwords can be set to guest networks than used for the other.

Asking the question "Are you using open WiFi?", or "Do you do online banking on open WiFi?" are the wrong questions. The good questions are:

Do you trust the operator(s) of the network you are using?
Are the clients separated?
If clients are not separated, is it possible that there are people with malicious intent on the network?
Are you security-aware, and are you following the rules previously mentioned? If you do follow these rules, those will protect you on whatever network you are.

And call me an idiot, but I do online banking, e-shopping, and all the other sensitive stuff while I'm using open WiFi. And whenever I order pizza from an HTTP website, attackers can learn my address. Which is already in the phone book, on Facebook, and in every photo metadata I took with my smartphone about my cat and uploaded to the Internet (http://iknowwhereyourcatlives.com/).

Most articles and research publications are full of FUD about what people can learn from others. Maybe they are just outdated, maybe they are not. But it is totally safe to use Gmail on an open WiFi, no one will be able to read my e-mails.

PS: I know "Average Joe" won't find my blog post, won't start to read it, won't understand half I wrote. But even if they do, they won't patch their browser plugins, pay for a VPN, or check the session cookie. So they are doomed to fail. That's life. Deal with it.

More information

HiddenWasp Linux Malware Backdoor Samples

Here are Hidden Wasp Linux backdoor samples.
Enjoy

Reference

Intezer HiddenWasp Malware Stings Targeted Linux Systems

Download

Download. Email me if you need the password (see in my profile)

File informatio

8914fd1cfade5059e626be90f18972ec963bbed75101c7fbf4a88a6da2bc671b
8f1c51c4963c0bad6cf04444feb411d7
shell

f321685342fa373c33eb9479176a086a1c56c90a1826a0aef3450809ffc01e5d
52137157fdf019145d7f524d1da884d7
elf

f38ab11c28e944536e00ca14954df5f4d08c1222811fef49baded5009bbbc9a2
ba02a964d08c2afe41963bf897d385e7
shell

e9e2e84ed423bfc8e82eb434cede5c9568ab44e7af410a85e5d5eb24b1e622e3
cbcda5c0dba07faced5f4641aab1e2cd
elf shared-lib

d66bbbccd19587e67632585d0ac944e34e4d5fa2b9f3bb3f900f517c7bbf518b
2b13e6f7d9fafd2eca809bba4b5ea9a6
64bits elf shared-lib

2ea291aeb0905c31716fe5e39ff111724a3c461e3029830d2bfa77c1b3656fc0
568d1ebd8b6fb17744d3c70837e801b9
shell

8e3b92e49447a67ed32b3afadbc24c51975ff22acbd0cf8090b078c0a4a7b53d
33c3f807caea64293add29719596f156
shell

609bbf4ccc2cb0fcbe0d5891eea7d97a05a0b29431c468bf3badd83fc4414578
71d78c97eb0735ec6152a6ff6725b9b2
tar-bundle gzip contains-elf

d596acc70426a16760a2b2cc78ca2cc65c5a23bb79316627c0b2e16489bf86c0
6d1cd68384de9839357a8be27894182b
tar-bundle gzip

0fe1248ecab199bee383cef69f2de77d33b269ad1664127b366a4e745b1199c8
5b134e0a1a89a6c85f13e08e82ea35c3
64bits elf