-
Oct 15, 2018
Rootkits are tools and techniques used to hide malicious modules from system monitoring. Usually these techniques involve kernel modifications, but (especially on Windows systems) they also appear in a user-mode context, still able to hide their… read more »
-
Oct 12, 2018
Do you know the TV series named "The Man in the High Castle", inspired by the visionary book by Philip K. Dick? The Man in the High Castle tells the story of an alternative timeline that emerged from an Axis… read more »
-
Oct 8, 2018
During the creation of a long article about lateral movement using WMI, I've collected a good number of techniques to remotely manipulate Windows Services using WMI and PowerShell. So, I decided to publish this source code in the form of a PowerShell module,… read more »
-
Oct 5, 2018
A very famous theme, often known as "Forbidden Colours", referring to its vocal version. "Merry Christmas, Mr. Lawrence", also known in its European edition as "Furyo" (Japanese for "prisoner of war"), is a 1983 film directed by Nagisa Oshima, starring David… read more »
-
Oct 1, 2018
There are commercial tools that provide access to the Volume Shadow Copies within a forensic image, but how can you access this source of data using only free tools? Here are three methods that I use, enjoy! Using a VMware VM: using raw2vmdk, create… read more »
-
Sep 28, 2018
Tetris is a famous puzzle game, originally developed by Russian programmer Alexey Pajitnov, who completed the first version while he was working for the Dorodnitsyn Computing Centre of the Academy of Sciences of the Soviet Union in Moscow. After the… read more »
-
Sep 24, 2018
Injecting code into another process's memory is not limited to shellcode or DLLs. The PE injection technique makes it possible to inject and run a complete executable module inside another process's memory. What is PE injection? This technique is similar to reflective… read more »
-
Sep 21, 2018
A lot of musicians better than me say that "River Flows in You" is a song too simple, cheesy and definitely overplayed: and actually I agree! However, the simple harmony and the repetitive structure make it perfect for an ukulele rendition… read more »
-
Sep 17, 2018
The Unix terminal is a powerful tool. I think that a lot of tasks (including my own forensic analysis workflows) can be accomplished more quickly in a "terminal only" environment. Here is my brief cheat sheet with useful commands and tips. Reload shell… read more »
-
Sep 14, 2018
Recently I've looked again at an old ukulele project: the transcription of soundtracks from old video games. The list of games that I loved is pretty long, but one of those I remember most pleasantly is "The Secret of Monkey… read more »
-
Sep 10, 2018
During the first phase of a penetration test, especially when the test is performed in black-box mode, it is really important to gather correct information from company websites and employees' social accounts. Here is a short list of tools useful during this… read more »
-
Sep 7, 2018
"Moon river, wider than a mile, I'm crossing you in style some day." "Moon River" is a song composed by Henry Mancini with lyrics by Johnny Mercer, written for the film Breakfast at Tiffany's and sung by Audrey Hepburn (also, an instrumental version is… read more »
-
Sep 3, 2018
What does blockchain technology have to do with cybersecurity? Blockchain technology seems to be a Columbus' egg: it may remove error and fraud, it can track ownership and manage identities, and it is resilient to cyber attacks. Let's take a look at… read more »
-
Aug 31, 2018
The (unconfirmed) story goes that Francisco Tárrega composed Lágrima in 1881, while performing in London. He was depressed and homesick, and he wrote a song describing his state. The piece Lágrima is a prelude that consists of two 8-bar sections (A,… read more »
-
Aug 27, 2018
After the first disclosure of CVEs related to speculative execution vulnerabilities (Meltdown and Spectre) in CPUs, a lot of researchers started to analyze CPUs in order to find other vulnerabilities and possible exploitation techniques. Just some days ago a… read more »
-
Aug 24, 2018
Adelita is a mazurka written by Francisco Tárrega: along with Capricho Árabe and Recuerdos de la Alhambra, it is one of his best-known works. The tempo notated by Tárrega was "Lento"; however, mazurkas are usually played faster. So, it is… read more »
-
Aug 20, 2018
In my previous post "Code injection on Windows using Python: a simple example", I explored the ctypes Python library and the usage of the Windows API in order to perform a code injection on 32-bit systems. All tests were performed… read more »
-
Aug 13, 2018
How quantum physics can make encryption stronger. Currently Vikram Sharma is the CEO (and founder) of QuintessenceLabs (or Q-Labs), which uses quantum technology to strengthen cryptographic key management and recently released a quantum random number generator stuffed into a PCI… read more »
-
Aug 6, 2018
Recently I had to perform some comparative tests on a couple of whitelisting solutions. One of the crucial steps of the test was the proper functioning of the memory monitoring feature, useful in case of process injection: in fact, when a trusted… read more »
-
Aug 1, 2018
The Netflix Security Intelligence and Response Team (SIRT) has released (under the Apache 2.0 license) a triage tool to help digital forensics and incident response teams quickly identify compromised hosts on which to focus their response. The tool, written in Python,… read more »