The Winnti, a China-linked threat group that has been active in the cyberspace since 2009 was found to be employing a new variant of the ShadowPad backdoor (group’s new flagship tool) in the recent attacks where it compromised computer systems at two Hong Kong universities during the protests that began […]
News
609 posts
Qiling is an advanced binary emulation framework, with the following features: Cross platform: Windows, MacOS, Linux, BSD Cross architecture: X86, X86_64, Arm, Arm64, Mips Multiple file formats: PE, MachO, ELF Emulate & sandbox machine code in a isolated environment Provide high level API to setup & configure the sandbox Fine-grain […]
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader […]
That’s good news, right? Well, I’d say that’s a qualified “yes.” As I mentioned, it’s easy to change the implant so that it doesn’t respond to the normal magic bytes and we simply wouldn’t see it. Also, DOPU doesn’t survive a system restart, which means that hosts could have been […]
In this sequel, wvu recounts the R&D (in all its imperfect glory) behind creating a Metasploit module for the DOUBLEPULSAR implant’s lesser-known RDP variant. If you’re unfamiliar with the more common SMB variant, you can read our blog post detailing how we achieved RCE with it. Table of Contents Background […]
The cybercriminal group TA505 has reportedly changed up its tactics again, now engaging in phishing campaigns that leverage attachments with HTML redirectors in order to deliver Excel documents containing malware. Following a short period of inactivity, the group, resumed activities last month with a scheme designed to get victims to […]
Last week on Malwarebytes Labs, we looked at the strengths and weaknesses of the Zero Trust model, gave you the low-down on spear phishing, and took a delve into the world of securing the managed service provider (MSP). Other cybersecurity news UN compromised via Sharepoint hack: An extraordinary tale highlighting […]
According to the deputy head of the National Coordination Center for Computer Incidents of the FSB, Nikolai Murashov, encryption viruses decreased their activity last year and were replaced by malware. In particular, these programs have changed for crypto-jacking or hidden cryptocurrency mining. Murashov noted that the software for hidden mining […]
According to studies, with an increase of 50% malware attacks have known no bounds in the past year. Most common of all happen to be malware that steals users’ financial data and bank funds. The banking malware is on the rise in India. According to several sources, over 35% of […]
WhatTheHack is a collection of challenge based hack-a-thons including student guide, proctor guide, lecture presentations, sample/instructional code and templates. What, Why and How “What the Hack” is a challenge based hackathon format Challenges describe high-level tasks and goals to be accomplished Challenges are not step-by-step labs Attendees work in teams […]
Simple python tool that goes through a list of URLs trying CRLF and open redirect payloads. ▪ ▐ ▄ ▐▄▄▄▄▄▄ . ▄▄· ▄▄▄▄▄▄• ▄▌.▄▄ · ██ •█▌▐█ ·██▀▄.▀·▐█ ▌▪•██ █▪██▌▐█ ▀. ▐█·▐█▐▐▌▪▄ ██▐▀▀▪▄██ ▄▄ ▐█.▪█▌▐█▌▄▀▀▀█▄ ▐█▌██▐█▌▐▌▐█▌▐█▄▄▌▐███▌ ▐█▌·▐█▄█▌▐█▄▪▐█ ▀▀▀▀ ██▪ ▀▀▀• ▀▀▀ ·▀▀▀ ▀▀▀ ▀▀▀ ▀▀▀▀ ~ BOUNTYSTRIKE ~usage: Injectus [-h] […]
After four days of competition and a whole lot of “trying harder,” we have the winners of this year’s Metasploit community CTF. We’ve included some high-level stats from the game below; check out the scoreboard here. If you played the CTF and want to let the Metasploit team know which […]
As cyber-attacks become more and more frequent against entities of all sizes, penetration testing is becoming more important to identify vulnerabilities and make sure that security teams are able to prevent attacks. This means that pen testers are becoming more important, too. But how can interested individuals break into the […]
PCFG = Probabilistic Context Free GrammarPCFG = Pretty Cool Fuzzy GuesserIn short: A collection of tools to perform research into how humans generate passwords. These can be used to crack password hashes, but also create synthetic passwords (honeywords), or help develop better password strength algorithms Documentation Academic Papers:Original 2009 IEEE […]
Damn Vulnerable NodeJS Application (DVNA) is a simple NodeJS application to demonstrate OWASP Top 10 Vulnerabilities and guide on fixing and avoiding these vulnerabilities. The fixes branch will contain fixes for the vulnerabilities. Fixes for vunerabilities OWASP Top 10 2017 vulnerabilities at fixes-2017 branch.The application is powered by commonly used […]