Apple OS X: Don't trust, and don't prompt to trust certificates
Summary: It is essential to provide a configuration option in the operating system to: 1. never trust invalid certificates, and 2. not prompt to trust them. Steps to reproduce: 1. Install OS X on an Apple...
Hidden in Plain Sight - Public Key Crypto
How is it possible for us to communicate securely when there’s the possibility of a third party eavesdropping on us? How can we communicate private secrets through public channels? How do such...
ECommerce-Shopping Cart Zeuscart v. 4: Multiple reflecting XSS-, SQLi and...
Advisory: Multiple reflecting XSS-, SQLi and Information Disclosure vulnerabilities in Zeuscart v.4. Advisory ID: SROEADV-2015-12. Author: Steffen Rösemann. Affected Software: Zeuscart v.4. Vendor URL: ...
Comodo ships Adware Privdog worse than Superfish
tl;dr There is an adware called Privdog that gets shipped with software from Comodo. It totally breaks HTTPS security. more...
Benchmarking some popular public sandboxes regarding their "Anti-VM" technology
While checking submissions on our webservice we discovered that someone uploaded a "new" version of Pafish (by a0rtega). Pafish is a demo tool that performs typical anti-VM tricks in use by common and...
About DOMPurify 0.6.1 and Pentesters getting Pentested
Together with Frederic Hemberger, the Cure53 team co-maintains a DOM-only HTML, SVG and MathML sanitizer library called DOMPurify. Although it only began as an experiment last year, it quickly took...
WinObjEx64
Windows Object Explorer 64-bit. WinObjEx64 is an advanced utility that lets you explore the Windows Object Manager namespace. For certain object types, you can double-click on it or use the...
Maximum Overkill Two - From Format String Vulnerability to Remote Code Execution
You might remember my first Maximum Overkill writeup, where I made a ROP exploit with ASLR/NX bypass for a simple buffer overflow exercise. I completed another over-the-top, why-would-you-even-do-this...
HoneyBadger - TCP attack inquisitor and 0-day catcher
HoneyBadger is primarily a comprehensive TCP stream analysis tool for detecting and recording TCP attacks. Perhaps it can assist in discovering 0-days and botnets. HoneyBadger will include a variety of...
Web Cryptography API Examples
I couldn't find anywhere that had clear examples of WebCryptoAPI, so I wrote examples and made a live table with them. more here: https://github.com/diafygi/webcrypto-examples
new version of autorunner v0.0.9
autorunner is based upon the AutoRuns tool by the Sysinternals/Microsoft gurus. It is designed to perform automated Authenticode checking for binaries designed to auto-start on a host. Its primary...
hindsight
Internet history forensics for Google Chrome/Chromium. Hindsight is a free tool for analyzing the browsing history of the Google Chrome web browser. It can collect a number of different types of Chrome...
Samba vulnerability (CVE-2015-0240)
Samba is the most commonly used Windows interoperability suite of programs, used by Linux and Unix systems. It uses the SMB/CIFS protocol to provide secure, stable, and fast file and print services....
Writing your own Analyzer for the Open-Source Multi-Scanner IRMA
IRMA (Incident Response & Malware Analysis) is a multi-scanner framework for identifying and analyzing suspicious files. In this article, we describe, step by step, how one can contribute to this...
How ESEA detects cheat software in its online gaming league - Let's get...
Before we dig in, this post should not be construed as an attack on ESEA, anti-cheat software, or fair gaming in general. It is simply an analysis thereof, detailing what the ESEA driver does on your...
Find a Phishing Site? Overwhelm it with Fake Credentials.
A script preconfigured for a phishing site found today, here: https://github.com/averagesecurityguy/blue/blob/master/phish_blast.py
How I Hacked Telegram’s “Encryption”
Telegram claims to be a privacy oriented messaging app capable of encrypting personal and business secrets – only they are not. A critical vulnerability discovered by Zimperium Mobile Security Labs...
Zeus Toolkit infected with a Ramnit Worm
RSA Research monitors and analyzes the malicious activity of online cybercrime infrastructures on an ongoing basis. In a recent discovery, the lab’s researchers studied the workings of a customized...
Neglected DNS records exploited to take over subdomains
In this write up I will be talking about a security issue identified in Redbooth platform which « is a communication and collaboration platform that provides a single place for shared tasks,...
The Dangers of x86 Emulation: Xen XSA 110 and 105
Developing a secure and feature rich hypervisor is no easy task. Recently, the open source Xen hypervisor was affected by two interesting vulnerabilities involving its x86 emulation code: XSA 110 and...