Wednesday 22 November 2017

Are you a lucky cybercrime victim?

Many Internet users download certain programs, even if they know they are illegal or even dangerous. Without clear statistics, I tend to...

Ring3 / Ring0 Rootkit Hook Detection 2/2

IAT Hooks Description: The Import Address Table (IAT) is a table of jumps (“jmp dword ptr ds:[address]”). Because functions in DLLs change...

Ring3 / Ring0 Rootkit Hook Detection 1/2

Introduction The cybercrime underworld hasn’t given me any exciting malware to reverse and I’m running out of ideas for new posts, so...

Fighting Hooks With Hooks – Sandbox Escape

Introduction I was pretty bored today and couldn’t think of an article to write, decided I’d come up with an example of escaping a...

Personal Security – What Can Be Done?

Introduction It’s no secret that keeping your computer free from malware has become much harder. I remember about 12 years ago my friend...

[POC] WordPress Duplicator Migration 1.2.28 Cross Site Scripting

Duplicator <= 1.2.28 – Stored Cross-Site Scripting (XSS) installer.php in the Snap Creek Duplicator (WordPress Site Migration &...

How-to: CREATE A FAKE AP (ROGUE AP)

In this article, I’ll talk about creating a fake access point. In the framework of penetration testing, there are so many options for...

Creating the Ultimate Tor Virtual Network

Although the methods in this article can be used for proper anonymity outside of the tor browser, the main focus is creating a secure tor...

DumpsterFire – Security Incidents In A Box!

DumpsterFire Toolset – “Security Incidents In A Box!” The DumpsterFire Toolset is a modular, menu-driven,...

Penetration Testing concept for beginner

Penetration testing is a fully simulated attack and vulnerability discovery technique that hackers may use to deeply probe...

Inline Hooking for Programmers (Part 2: Writing a Hooking Engine)

We’ll be writing a hooking engine using trampoline based hooks as explained in the previous article (we don’t handle relative...

Msfvenom Tutorials for Beginners

Msfvenom Msfvenom is a command line instance of Metasploit that is used to generate and output all of the various types of shell code that...

Creating a Simple Free Malware Analysis Environment

Computer Requirements: a CPU with AMD-V or Intel VT-x support (pretty much any modern CPU); 4 GB RAM (more is better). Make sure...

7 Ways to Privilege Escalation of Windows 7 PC

When you exploit the victim PC, there will be certain limits that prevent you from performing some actions even after you have the shell of...

ROC – Infineon RSA Vulnerability

This tool is related to ACM CCS 2017 conference paper #124 Return of the Coppersmith’s Attack: Practical Factorization of Widely Used RSA...

Not Your Average Web Crawler: web crawler for bug hunting

Not Your Average Web Crawler N.Y.A.W.C is a Python library that enables you to test your payload against all requests of a certain domain....

Inline Hooking for Programmers (Part 1: Introduction)

A lot of my articles have been aimed at giving a high-level insight into malware for beginners, or those unfamiliar with specific concepts....

Regexp Security Cheatsheet: “weak places” in regular expressions of Web Application Firewalls (WAFs)

Regexp Security Cheatsheet The research was done to find “weak places” in regular expressions of Web Application Firewalls (WAFs). The...

Creating a Secure Tor Environment

As we all know, there are ways that your real IP can be leaked when using Tor (JavaScript, Flash, malware and software errors). In this...

Let’s Analyze: Dridex (Part 3)

Sorry for the longer than expected delay, occasionally the Dridex group will take the servers offline during the weekend and resume normal...

traefik v.1.4.3 releases: a modern reverse proxy

traefik (pronounced like traffic) is a modern HTTP reverse proxy and load balancer made to deploy microservices with ease. It supports...

Let’s Analyze: Dridex (Part 1)

Due to popular request I’m starting a new reverse engineering article series which will detail how I go about analyzing various samples,...

Hack the Covfefe VM (CTF Challenge)

Hello friends! Today we are going to take another CTF challenge known as Covfefe. The credit for making this VM goes to “Tim...

MHA – Mail Header Analyzer

Mail Header Analyzer is a tool written in Flask for parsing email headers and converting them to a human-readable format; it also can:...

Faraday v2.7 – Collaborative Penetration Test and Vulnerability Management Platform

Faraday is the Integrated Multiuser Risk Environment you have always been looking for! It maps and leverages all the data you...

Exploiting Remote machine with Pastejacking

Pastejacking is a technique that takes over the clipboard of a machine, for instance, when we copy text from a website, that text can be...

TROMMEL: Sift Through Directories of Files to Identify Indicators That May Contain Vulnerabilities

TROMMEL sifts through directories of files to identify indicators that may contain vulnerabilities. It identifies the following indicators...

Hack the Born2Root VM (CTF Challenge)

Hello friends! Today we are going to take another CTF challenge known as Born2Root. The credit for making this VM goes to “Hadi...

DEFENDER: WordPress Plugin Evaluation

Introduction In this article, we will look at the DEFENDER WordPress plugin. This plugin is touted to provide layered security for...

Exploiting Windows Machine with DDE Exploit

DDE stands for “Dynamic Data Exchange”; this is a method used by Windows to allow one program to subscribe to an item...