[other]
Case 000: Why I Started Hooked
A standing offer to every scammer with my email address: come and get me.
michael@exploits:~$
EXPLOITS.RUN
OSINT and offensive security field notes
19 entries
::
last sync April 29, 2026
::
● online
[NEW SERIES · HOOKED]
I become the mark on purpose. Then I write what happens next.
[FEATURED]
view all logs →
The Curious Case of Vincent Briatore
Due to a large amount of screenshots with text, this blog is best read on a desktop as opposed to a phone. This post is also rather long so you may want to get settled in. Many of you know that I use Brave as my daily browser. One of the fe…
read entry →[RECENT]
Dissecting a Crypto Theft Operation: When JavaScript Obfuscation Hides a Fee-Based Scam
This post is part technical deep-dive, part forensic investigation story. I'll walk through how I discovered and analyzed a sophisticated cryptocurrency theft operation that uses advanced JavaScript obfuscation to hide a fee-based scam. The…
OSINT Is Not Just Data Gathering
Everyone wants to be an OSINT analyst these days. Scraping Shodan, running a few Google dorks, maybe linking a scammer’s Telegram handle to a throwaway Gmail—that’s open-source intelligence, right? Sort of. But mostly not. The truth is, OSI…
Getting Started with Windows Subsystem for Linux
# WHAT IS WINDOWS SUBSYSTEM FOR LINUX? Most people are either unaware or forget about a wonderful Windows feature called Windows Subsystem for Linux (WSL). WSL gives you access to a full linux kernel right in your Windows installation. This…
Search Engine Dorking (Google Case Study)
Before we dive in, please understand that this is an introductory level post and for the more technically inclined, there may not be much for consumption here. I will not go in depth on many topics surrounding search engines as a whole and…
The Curious Case of Vincent Briatore
Due to a large amount of screenshots with text, this blog is best read on a desktop as opposed to a phone. This post is also rather long so you may want to get settled in. Many of you know that I use Brave as my daily browser. One of the fe…
Analyzing Analytics (Featuring: The FBI)
Recently while conducting some research, I found myself down the path of Google Analytics ID's as well as other analytics services. I was investigating ways to not only identify varying analytics code in sites, but to correlate them with ot…
Facebook | Uncovering Seller Info Without Login
I was doing some research this week on Facebook Marketplace looking for some... unethically acquired and resold items and the sellers behind them. However, my research was limited to only acquiring data without being logged into a Facebook…
The Internet of Sonos
Recently a friend of mine inquired about my opinion on a Sonos (audio) device that was on their network that had been end of life for years. We were deliberating on what the threat landscape was for seemingly harmless devices like this on t…