How a malware can download a remote payload and execute malicious code…in one line?

This post on arno0x0x‘s blog is awesome: an accurate analysis of some ‘one-line commands’ that can be used on a windows system in order to download a malicious payload and execute it. The examples are developed using several script languages, it works in memory with a minimal disk footprint and …

How to retrieve user’s passwords from a Windows memory dump using Volatility

About Volatility i have written a lot of tutorials, now let’s try to use this information in a real context extracting the password hashes from a windows memory dump, in 4 simple steps. 1. Identify the memory profile First, we need to identify the correct profile of the system: [email protected]:~# …

SQLiv: a massive SQL injection scanner

SQLiv is a Python-based scanning tool that uses Google, Bing or Yahoo for targetted scanning, focused on reveal pages with SQL Injection vulnerabilities. It uses known dorks in order to find vulnerable URLs. Features multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo targetted scanning by providing …