-
Dec 30, 2016
A critical vulnerability, tracked as CVE-2016–10033, affects all versions of PHPMailer before 5.2.18 Dawid Golunski, security expert from Legal Hackers, has discovered a flaw in PHPMailer that could be exploited by a remote attacker to execute arbitrary code in the context… read more »
-
Dec 28, 2016
5000 fun kilometers! A big ‘thank you’ to who tolerates this my insane passion, to those who see me back into the house in rainy days soaked and dripping, to those who has now got used to wake up the… read more »
-
Dec 23, 2016
My own shortlist One of the first steps that you need to perform when you deal with the forensic analysis of a compromised machine is to make a copy of volatile memory. This copy will be used for in-depth analysis… read more »
-
Dec 22, 2016
“If you are hired as a penetration tester for some company and they forgot to tell you that they are using web application firewall than you might get into a serious mess.” Interesting article published by Usman Nasir on KaliTutorials: using… read more »
-
Dec 21, 2016
An interesting video lesson by Bradford Werner In this video, Bradford Werner talks about the right hand thumb position and the related exercises. [embed]https://www.youtube.com/watch?v=BpU1zYKp404[/embed] When adjusting your hand and thumb position remember to also consider your guitar position, footstool height, and… read more »
-
Dec 20, 2016
Powerful and easy to use PowerShellArsenal is a useful PowerShell module that can be used to perform reverse engineering activities on .NET assemblies, like disassembling code, perform .NET malware analysis and analyze memory. PowerShellArsenal is comprised of the following tools: Disassembly — Disassemble native and… read more »
-
Dec 19, 2016
DNSChanger is back! DNSChanger is a malware that infected millions of computers across the world in 2012 and that works by changing DNS server entries in infected computers to point to malicious servers under the control of the attackers, rather than… read more »
-
Dec 19, 2016
Your site has been hacked? Be careful, it might contain a backdoor! BackdoorMan is a python script useful to discover malicious scripts in PHP sites: is quite common for attackers to place a back-door on a site they have violated… read more »
-
Dec 18, 2016
Free virtual machines, documentation and challenges! Exploit-exercises.com provides a variety of virtual machines, documentation and challenges that can be used to learn about a variety of computer security issues such as privilege escalation, vulnerability analysis, exploit development, debugging, reverse engineering,… read more »
-
Dec 16, 2016
A really inspiring video A short video published by TheGuardian shows the morning routine of a legend of the ultramarathon, Scott Jurek: What ingredients are required to make an ultramarathon runner? In Boulder, Colorado, Scott Jurek has concocted quite the… read more »
-
Dec 15, 2016
On Android and iOS I found it on GitHub, a really useful list of tools and techniques to perform penetration tests on mobile applications: The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on… read more »
-
Dec 14, 2016
“Some people asked me about how you can bypass all AV anti-viruses? My answer is: very simple.” Really interesting article by the security researcher Damon Mohammadbagher, about the techniques used by malware authors to bypass antivirus. In this post, Damon proposes… read more »
-
Dec 13, 2016
Christmas is coming, if you want to give me a gift, I give you a tip! Do you love role playing games, but also cybersecurity? Check this thread on reddit: Next week, I will be releasing the game Cryptomancer, designed by a… read more »
-
Dec 7, 2016
But be careful, can be dangerous! FPS Weapons has published a video tutorial that show how to build a 8$ handheld EMP generator which can be used to generate a strong enough magnetic pulse to induce an unexpected voltage inside… read more »
-
Dec 6, 2016
Free and DRM free! Increasingly we talk about privacy and global espionage and many people are worried about being caught under the ‘electronic surveillance’ carried by governments: the encryption is the only solution. Data and communications encryption allows to ensure an… read more »
-
Dec 5, 2016
You can find the answer in a Github repository We are not at the levels of the “Answer to the Ultimate Question of Life, the Universe, and Everything”, but we’re close. In this github repository i’ve found a really accurate… read more »
-
Dec 2, 2016
I had a very complicated work week…
… and I have no time (and desire) to write something serious.
So, i publish today just a funny strip by turnoff.us:
http://turnoff.us/geek/programmer-leves/
I’m between level 5 and 6, and you?
… read more »
-
Dec 1, 2016
There are two websites that can help you! Swedish developers Wille Dahlbo and Linus Unnebäck have created a website that can help you delete your online presence with just a few clicks. [embed]https://www.deseat.me/[/embed] Deseat.me lets you see all of the websites… read more »
-
Nov 30, 2016
A really dumb (but serious) Windows 10 vulnerability On Mikko Hypponen’s twitter account i’ve read this twit: [embed]https://twitter.com/mikko/status/803313343981350917[/embed] The linked article on Sami Laiho’s website exposes a vulnerability as simple as serious: if you hit SHIFT+F10 during Windows upgrade process… read more »
-
Nov 29, 2016
Useful to access quarantined files of Symantec and McAfee It can happen to have to analyze suspicious files on a compromised machine, but if the antivirus puts them in ‘in quarantine’ (usually encrypted in a specific directory), how recover them? Simple, with… read more »