-
Dec 1, 2017
RadioCarbon is an interesting tool developed by Florian Roth, focused on checking age and origin of a credential leak: Typically you get leaked credentials in form of list of email addresses or user names, cleartext passwords or password hashes, and… read more »
-
Nov 29, 2017
UPDATE - Apple released the security patch for the bug: https://support.apple.com/en-us/HT208315 The security fate discovered in MacOS High Sierra by Lemi Orhan Ergin is so serious that it is hard to believe it's real: you can become root without typing… read more »
-
Nov 29, 2017
Please note: This article has been written almost a year ago: in this months a lot of updates and bugfixes has been rolled up on hook.io infrastructure.So it's quite possible that the code snippets related to hook.io do not work correctly.I… read more »
-
Nov 28, 2017
Two vulnerabilities and an exploit POC impacting the Exim MTA have been publicly disclosed, identified as CVE-2017-16943 & CVE-2017-16944 The vulnerabilities could allow remote attackers to execute arbitrary code or cause a denial of service via vectors involving BDAT commands.… read more »
-
Nov 27, 2017
This post on arno0x0x's blog is awesome: an accurate analysis of some 'one-line commands' that can be used on a windows system in order to download a malicious payload and execute it. The examples are developed using several script languages,… read more »
-
Nov 24, 2017
FatCat is a tool designed to manipulate FAT filesystems, in order to explore, extract, repair, recover and forensic them. FatCat is developed and mantained by Grégoire Passault, and currently supports FAT12, FAT16 and FAT32. (more information about FAT filesystem here)… read more »
-
Nov 23, 2017
A fresh advisory from SAMBA.org: All versions of Samba from 4.0.0 onwards are vulnerable to a use after free vulnerability, where a malicious SMB1 request can be used to control the contents of heap memory via a deallocated heap pointer.… read more »
-
Nov 22, 2017
About the "Process Hollowing" i have already written some posts (like this). However, i've never published any practical example. So, today i want to quote this interesting article where Tigzy explains the process hollowing with a brief code snippet. in… read more »
-
Nov 20, 2017
Quad9 is a free security solution that uses DNS to protect systems against the most common cyber threats. Its is developed in collaboration with IBM, Packet Clearing House and Global Cyber Alliance. How it works? Quad9 routes your DNS queries… read more »
-
Nov 18, 2017
NOTHING TO HIDE is an independent documentary dealing with surveillance and its acceptance by the general public through the "I have nothing to hide" argument. The documentary is written, produced and directed by two journalists living in Berlin, Marc Meillassoux… read more »
-
Nov 17, 2017
Santoku is a bootable linux distribution focused on mobile forensics, analysis, and security. It comes with pre-installed platform SDKs, drivers and utilities and allows auto detection and setup of new connected mobile devices. Santoku Linux is a free and open… read more »
-
Nov 15, 2017
About Volatility i have written a lot of tutorials, now let's try to use this information in a real context extracting the password hashes from a windows memory dump, in 4 simple steps. 1. Identify the memory profile First, we… read more »
-
Nov 13, 2017
SQLiv is a Python-based scanning tool that uses Google, Bing or Yahoo for targetted scanning, focused on reveal pages with SQL Injection vulnerabilities. It uses known dorks in order to find vulnerable URLs. Features multiple domain scanning with SQL injection… read more »
-
Nov 10, 2017
CS Suite is tool for auditing the security posture of the AWS infrastructure, using current open source tools capabilities. Features Simple installation with support of python virtual environment and docker containers Initiate all tools/audit checks in one go AWS Infra… read more »
-
Nov 8, 2017
Transfer.sh is a website that helps users to share files from the command-line an efficient way. It won’t required any additional software to work except cURL. If your linux distribution doesn't have cUrl (unlikely!), you can install it with sudo… read more »
-
Nov 7, 2017
WPSeku is a Black-box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues. What is a Black-box scanner? Black-box security testing refers to a method of software security testing in which the security… read more »
-
Nov 6, 2017
Recently Mozilla planned to display permission prompts if a website attempt to use HTML5 Canvas Image Data in the Firefox web browser: in fact, this HTML5 element is often used to tracking users with a technique called "Canvas Fingerprinting" What… read more »
-
Nov 2, 2017
FireEye released GoCrack, a tool designed to password cracking tasks across multiple servers. GoCrack is open source and provides an easy-to-use, web-based real-time UI to create, view, and manage password cracking tasks. The tool was developed by FireEye's Innovation and… read more »
-
Oct 31, 2017
After the CCleaner incident, a lot of friends and colleagues asked me a good alternative to the Piriform's tool. From my point of view, a good alternative could be BleachBit. BleachBit is open source, and its designed for Linux and… read more »
-
Oct 30, 2017
Researchers at Kaspersky Lab has discovered that some victims may be able to recover their files without paying any ransom. The discovery was made by that analyzed the encryption functionality implemented by the ransomware: the Bad Rabbit leverages the open… read more »