3D-Printed Halbach Motor Part Two: Tuning, Testing

Building your own Halbach-effect brushless DC motor is one thing. Making sure it won’t blow up in your face another matter, and watching how [Christoph Laimer] puts his motor to the test is instructive.

You’ll remember [Christoph]’s giant 3D-printed BLDC motor from a recent post where he gave the motor a quick test spin. That the motor held together under load despite not being balanced is a testament to the quality of his design and the quality of the prints. But not wishing to tempt fate, and having made a few design changes, [Christoph] wisely chose to perform a static balancing of the rotor. He also made some basic but careful measurements of the motor’s parameters, including the velocity constant (Kv) using an electric drill, voltmeter, and tachometer, and the torque using a 3D-printed lever arm and a kitchen scale. All his numbers led him to an overall efficiency of 80%, which is impressive.

[Christoph] is shipping his tested BLDC off to the folks at FliteTest, where he hopes they put it to good use. They probably will — although they might ask for three more for a helicarrier.

Filed under: misc hacks

datasploit v1.0: The BEST OSINT FRAMEWORK – Penetration Testing

Overview of the tool:

Performs OSINT on a domain / email / username / phone and find out information from different sources.

Correlates and collaborate the results, show them in a consolidated manner.

Tries to find out credentials, api-keys, tokens, subdomains, domain history, legacy portals, etc. related to the target.

Use specific script / launch automated OSINT for consolidated data.

Performs Active Scans on collected data.

Generates HTML, JSON reports along with text files.

Created using our beloved Python, MongoDb and Django, DataSploit simply requires the bare minimum data (such as domain name, email ID, person name, etc.) before it goes out on a mining spree. Once the data is collected, firstly the noise is removed, after which data is correlated and after multiple iterations it is stored locally in a database which could be easily visualised on the UI provided. The sources that have been integrated are all hand picked and are known to be providing reliable information. We have used them previously during different offensive as well as defensive engagements and found them helpful.

Change log v1.0

Extensive Framework

Module Templates

Modularized Code.

Code Cleanup

Can be used as a library

Automatic Entity Detection (Email/IP/Username/Domain)

Datasploit – An Open Source Intelligence Tool from Shubham Mittal

Download & Installation

The post datasploit v1.0: The BEST OSINT FRAMEWORK appeared first on Penetration Testing.

BFAC v1.3: Backup File Artifacts Checker – Penetration Testing

BFAC (Backup File Artifacts Checker) is an automated tool that checks for backup artifacts that may disclose the web-application’s source code. The artifacts can also lead to leakage of sensitive information, such as passwords, directory structure, etc.

The goal of BFAC is to be an all-in-one tool for backup-file artifacts black-box testing.


Multithreaded scanning.

Includes request rate throttling.

HTTP proxy support.

Uses multiple algorithms for automatically detecting valid and invalid pages.

HTTP proxy support

User agent randomization.

Batch processing.

Works both as a command-line tool and Python module.

Support for Windows, MacOS, and Linux operating systems.

Reporting: simple, verbose, CSV, JSON.


git clone http://ift.tt/2takzhz





bfac –help

Check a single URL.

bfac –url http://ift.tt/IcWlJf

Check a list of URLs.

bfac –list testing_list.txt

Single URL with a different level (level 2 for example).

bfac –url http://ift.tt/IcWlJf –level 2

Single URL and show the results only.

bfac –no-text –url http://ift.tt/IcWlJf

Limit the test to exposed DVCS tests.

bfac –dvcs-test –url http://example.com/

Verify existence of files using Content-Length checks only.

bfac –detection-technique content_length http://ift.tt/IcWlJf

Verify existence of files using Status-Code checks only.

bfac –detection-technique status_code http://ift.tt/IcWlJf

Exclude results with specific status-codes.

bfac –exclude-status-codes 301,999 http://ift.tt/IcWlJf

Source: Github

The post BFAC v1.3: Backup File Artifacts Checker appeared first on Penetration Testing.

Gateway to Metal Casting

Casting is an exciting and very useful pastime, but it’s not exactly common these days. That’s a problem whether you’re just getting started or have been doing it for years: everyone can use the advice of another. Fear not! The US Department of Energy is here to help with the Industrial Metal’s Program’s Metal Casting cornucopia.

Although not strictly a hack, this is certainly a facilitator of hacks and any experienced user would do themselves some good by perusing the site. Click on the maps to find complex issues presented remarkably well for papers at this level of rigor. Seriously, check them out.

However, since these papers go into such depth, we can’t really say the material is beginner friendly. That’s not to say it would be bad for a newbie to read through, just that it might be a bit discouraging. But, if you need to figure out where to start in the maze of molds and sand and molten metal, we might have some articles that might help you out.

Do y’all know of any good casting resources on the interwebs? If so, leave ’em in the comments!

Thanks [RunnerPack] for sending this in.

Filed under: how-to

The Week in Ransomware – June 30th 2017 – NotPetya

It has been another crazy week when it comes to ransomware due to the NotPetya outbreak. This ransomware/destructive malware played havok all over the world, but especially the Ukraine, when it was unleashed on Tuesday. Other than that, the rest of the ransomware news was basically small variants being developed or released. […]