Dridex – Password Bypass, Extracting Macros, and Rot13
When attackers decide to password protect something, it can be very frustrating as an analyst, because we are often left with few options to find out what they are protecting. If this happens, we can...
Extend Sulo to find the CVE of Flash exploits
In this blog, I'd like to discuss more about detecting the vulnerability triggered by a particular exploit using Sulo. I have extended it to detect a few of the recent vulnerabilities. I have added code to...
My Favorite PowerShell Post-Exploitation Tools
PowerShell became a key part of my red team toolkit in 2014. Cobalt Strike 2.1 added PowerShell support to the Beacon payload and this has made an amazing library of capability available to my users....
Adventures in LDAP Injection: Exploiting and Fixing
Every pen tester looks forward to that next encounter that includes one of those uncommon vulnerabilities that ultimately result in an exciting session of exploration and learning. During a recent web...
DDoS-for-Hire Preys Upon SaaS Apps such as Joomla
Akamai’s Prolexic Security Engineering & Research Team (PLXsert) and PhishLabs’ (R.A.I.D.) Research Analysis and Intelligence Division have worked together on a threat advisory that warns...
Malicious PNGs: What You See Is Not All You Get!
Threat actors are continually evolving their techniques. One of the latest Graftor variants is delivering a Malware DLL via a PNG file delivery mechanism. Graftor basically indicates some type of...
Bootkit Disk Forensics - Part 1
Recently I got the idea to play around with bypassing bootkit disk filters from an email I received, which highlighted that my MBR spoofing code was able to get underneath the driver of a popular...
[Exploit] Seagate BlackArmor Network Storage System
The Seagate BlackArmor network storage system is susceptible to a root command injection vulnerability, which allows an attacker to inject and execute arbitrary system commands. ISE created a proof of...
Prohibiting RC4 Cipher Suites
If you’ve been following the drafts of this RFC, then nothing here will surprise you. The first draft was published on July 21, 2014, and, a short seven months later, RFC 7465 has been published. It’s...
Webnic Registrar Blamed for Hijack of Lenovo, Google Domains
Two days ago, attackers allegedly associated with the fame-seeking group Lizard Squad briefly hijacked Google’s Vietnam domain (google.com.vn). On Wednesday, Lenovo.com was similarly attacked. Sources...
Paper: Kizzle: A Signature Compiler for Exploit Kits
In recent years, the drive-by malware space has undergone significant consolidation. Today, the most common source of drive-by downloads are the so-called exploit kits. Exploit kits signify a...
YSO-Mobile-Security-Framework
YSO Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis. We've been...
D-Link and TRENDnet 'ncc2' service - multiple vulnerabilities
Local network; unauthenticated access. Remote network; unauthenticated access*. Remote network; 'drive-by' via CSRF. More here: https://github.com/darkarnium/secpub/tree/master/Multivendor/ncc2
phpcodz
This project analyzes PHP security vulnerabilities. More here: https://github.com/80vul/phpcodz
The Enemy on your Phone
Many people believe that there are no malware programs on smartphones. There was a time when there was some truth in this. A few years ago mobile platform operators originally designed their products...
Wireless File Transfer Pro Android - Multiple CSRF Vulnerabilities
Document Title: Wireless File Transfer Pro Android - CSRF Vulnerabilities
References (Source): http://www.vulnerability-lab.com/get_content.php?id=1437
Release...
Data Source: Scopus CMS - SQL Injection Web Vulnerability
Document Title: Data Source: Scopus CMS - SQL Injection Web Vulnerability
References (Source): http://www.vulnerability-lab.com/get_content.php?id=1436
Release...
DSS TFTP 1.0 Server - Path Traversal Vulnerability
Document Title: DSS TFTP 1.0 Server - Path Traversal Vulnerability
References (Source): http://www.vulnerability-lab.com/get_content.php?id=1440
Release...
GDB 'exploitable' plugin
'exploitable' is a GDB extension that classifies Linux application bugs by severity. The extension inspects the state of a Linux application that has crashed and outputs a summary of how difficult it...
Paper: Security in VANETs
Abstract: Vehicular Ad hoc Networks (VANETs) are gaining growing interest and research efforts over recent years because they offer enhanced safety and enriched travel comfort. However, security concerns that...