Whether Android or iPhone there is no denying that Google is there for all of us, keeping a track log of our data in a “Timeline” that unequivocally shows wherever we’ve been, which while in some cases is amazingly valuable and helpful yet for the rest it’s downright creepy. The […]
This week, a hacker published a list on a popular hacking forum containing Telnet credentials for over 515,000 servers, home routers and IoT (Internet of Things) “smart” devices. The massive list which reportedly was concluded by browsing the whole internet in search of devices that left their Telnet port exposed, […]
Are you fond of buying stolen’/leaked data? Because, one such domain, named ‘WeLeakInfo.com’ recently got seized by the US authorities. WeLeakInfo, with its absolutely convenient name, had been selling stolen data from other hacked websites, online for the past three years. The website provided an online service where hacked data […]
Telegram Group Scraper Tool. Fetch All Information About Group Members • How To Install & Setup API ( Termux ) • API Setup Go to http://my.telegram.org and log in. Click on API development tools and fill the required fields. put app name you want & select other in platform Example […]
What is it for?Grouper2 is a tool for pentesters to help find security-related misconfigurations in Active Directory Group Policy.It might also be useful for other people doing other stuff, but it is explicitly NOT meant to be an audit tool. If you want to check your policy configs against some […]
Government job site https://career.gov.ua/ published scans of passports and other documents of citizens who registered on the portal to search for work in the government sector. This was announced on January 16 by the Office of the Ombudsman of Ukraine on Facebook. “A possible leak of personal data of citizens […]
Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute phishing engagements and security awareness training. InstallInstallation of Gophish is dead-simple – just download and extract the zip containing the release for your system, and run the […]
Aaia (pronounced as shown here ) helps in visualizing AWS IAM and Organizations in a graph format with help of Neo4j. This helps in identifying the outliers easily. Since it is based on neo4j , one can query the graph using cypher queries to find the anomalies.Aaia also supports modules […]
Introduction Welcome to the final chapter of the Trimedia series. In the first part of the series, I introduced this research project, showing the different steps I took in order to analyze the firmware and the hardware of the camera. Then, in the second part, I presented the Philips TriMedia […]
Introduction After detailing Samsung’s TrustZone implementation in the first part of this series, this blog post introduces the tools that we have developed to reverse engineer the system and find vulnerabilities more easily. Part 1: Detailed overview of Samsung’s TrustZone components Part 2: Tools development for reverse engineering and vulnerability […]
Motivations After a general introduction on the ARM TrustZone and a focus on Qualcomm’s implementation, this new series of articles will discuss and detail the implementation developed by Samsung and Trustonic. These blog posts are a follow up to the conference Breaking Samsung’s ARM TrustZone that was given at BlackHat […]
Introduction This blog post deals with the Legu packer, an Android protector developed by Tencent that is currently one of the state-of-the-art solutions to protect APK DEX files. The packer is updated frequently and this blog post focuses on versions 4.1.0.15 and 4.1.0.18. Overview An application protected with Legu is […]
Introduction Irma is our file security analysis software, originally developed as an open source project with the sponsorship of 5 major European organizations, it is now also one of Quarkslab’s commercial software products. Since our last post from February 2016, Irma evolved significantly. This post summarizes the major changes, the […]
Uzbekistan plans to legalize mining by providing the status of a participant in the mining pool, which is planned to be created in the Republic. This is stated in the draft resolution of the President “On measures for further development of the sphere of turnover of crypto assets”.Participants of the […]
The EU (Europian Union) is considering restricting the use of facial recognition technology for a possible duration of 5 years, in public area sectors. The reason being is the regulators need some time to consider the protection of unethical exploitation of the technique. The facial recognition is a technique that […]