-
Jan 6, 2018
In-Spectre-Meltdown is a PoC developed byViral Maniarusing Python and Powershell to check speculative execution side-channel attacks that affect many modern processors and operating systems designs that allows unprivileged processes to steal secrets from privileged processes.
… read more »
-
Jan 5, 2018
In the last hours, the vulnerabilities of the CPU have had a great prominence even in the non-specialized press.
So, I think that would be useful trying to summarize the situation in a simple way.
… read more »
-
Jan 3, 2018
Keyloggers are often used by malicious softwares to steal sensitive data and login credentials.
… read more »
-
Dec 31, 2017
My running year recap.
… read more »
-
Dec 29, 2017
In digital forensics, the term logical extraction is typically used to refer to extractions that do not recover deleted data, or do not include a full bit-by-bit copy of the evidence, analogously to copying and pasting a folder in order… read more »
-
Dec 27, 2017
Using Wine and Pyinstaller.
… read more »
-
Dec 22, 2017
Every forensic analyst, during his experience, perfects his own workflow for the acquisition of forensic images. Today I want to propose my own workflow for acquisition of physical disks on Microsoft Windows systems… read more »
-
Dec 20, 2017
Microsoft has released, on its GitHub repository, an interesting Linux porting of ProcDump from Sysinternals suite.
… read more »
-
Dec 18, 2017
In this great speech on BlackHat Europe 2017, Mark Ermolov and Maxim Goryachy by Positive Technology talks about the Intel Management Engine subsystem and how the recently discovered vulnerabilities can be used in order to compromise a system.
… read more »
-
Dec 15, 2017
This article on Microsoft’s Technet Blog is really interesting: Moti Bani explain how to investigate suspicious activity on servers using Sysmon Tool.
… read more »
-
Dec 13, 2017
Recently I needed to migrate the contents of a Wordpress 2.1.7 (really old!) on a new installation based on Wordpress 4.9.1.
… read more »
-
Dec 11, 2017
Metasploit Framework is a priceless open-source a tool for developing and executing exploit code against a remote target machine.
… read more »
-
Dec 8, 2017
DLL (Dynamic-link library) are the Microsoft’s implementation of the shared library concept and provide a mechanism for shared code and data, allowing a developer of shared code/data to upgrade functionality without requiring applications to be re-linked or re-compiled.
… read more »
-
Dec 6, 2017
People reuse passwords all the time. How can i check and prevent credential stuffing attacks?
… read more »
-
Dec 4, 2017
Do you want to become a programmer?
… read more »
-
Dec 1, 2017
RadioCarbon is an interesting tool developed by Florian Roth, focused on checking age and origin of a credential leak:
… read more »
-
Nov 29, 2017
UPDATE - Apple released the security patch for the bug:
… read more »
-
Nov 29, 2017
Please note:
… read more »
-
Nov 28, 2017
Two vulnerabilities and an exploit POC impacting the Exim MTA have been publicly disclosed, identified as CVE-2017-16943 & CVE-2017-16944
… read more »
-
Nov 27, 2017
This post on arno0x0x’s blog is awesome: an accurate analysis of some ‘one-line commands’ that can be used on a windows system in order to download a malicious payload and execute it.
… read more »