Criminal Rings Hijacking Unused IPv4 Address Spaces

Criminal Rings Hijacking Unused IPv4 Address Spaces

So apparently this Hijacking Unused IPv addresses has been going on for a while, but with quite a lot number of attempts recently it’s ramped up a LOT since the September announcement by ARIN about IPv4 depletion. There was only only 50 hijacking attempts between 2005 and 2015. Since September, ARIN has already seen 25 […]

Tags: , , , , , , , , ,

Posted in: Legal Issues, Network Hacking | Add a Comment
shadow - Firefox Heap Exploitation Tool (jemalloc)

shadow – Firefox Heap Exploitation Tool (jemalloc)

shadow is a new, extended (and renamed version) of a Firefox heap exploitation tool, which is quite a swiss army knife for Firefox/jemalloc heap exploitation. If you want to dive in really deep to this tool, and the technicalities behind it check this out – OR’LYEH? The Shadow over Firefox [PDF] Support shadow has been […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Programming | Add a Comment
Cuckoo Sandbox - Automated Malware Analysis System

Cuckoo Sandbox – Automated Malware Analysis System

Cuckoo Sandbox is Open Source software for automating analysis of suspicious files. To do so it makes use of custom components that monitor the behaviour of the malicious processes while running in an isolated environment. In other words, you can throw any suspicious file at it and in a matter of seconds Cuckoo will provide […]

Tags: , , , , , , , ,

Posted in: Countermeasures, Forensics, Malware, Security Software | Add a Comment
Intel Hidden Management Engine – x86 Security Risk?

Intel Hidden Management Engine – x86 Security Risk?

So it seems the latest generation of Intel x86 CPUs have implemented a Intel hidden management engine that cannot be audited or examined. We can also assume at some point it will be compromised and security researchers are labelling this as a Ring -3 level vulnerability. This isn’t a new issue though, people have been […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hardware Hacking | Add a Comment
FIDO - Automated Incident Response

Fully Integrated Defense Operation (FIDO) – Automated Incident Response

FIDO is an orchestration layer which enables an automated incident response process by evaluating, assessing and responding to malware. FIDO’s primary purpose is to handle the heavy manual effort needed to evaluate threats coming from today’s security stack and the large number of alerts generated by them. As an orchestration platform FIDO can make using […]

Tags: , , , , , , , ,

Posted in: Countermeasures, General Hacking, Security Software | Add a Comment
Unicorn - PowerShell Downgrade Attack

Unicorn – PowerShell Downgrade Attack

Magic Unicorn is a simple tool for using a PowerShell downgrade attack to inject shellcode straight into memory. Based on Matthew Graeber’s PowerShell attacks and the PowerShell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18. Usage is simple, just run Magic Unicorn (ensure Metasploit is installed and in the right […]

Tags: , , , , , , , , , , ,

Posted in: Hacking Tools, Windows Hacking | Add a Comment
Web Application Log Forensics After a Hack

Web Application Log Forensics After a Hack

Sites get hacked, it’s not pleasant but it happens. A critical part of it, especially in my experience, has been the web application log forensics applied directly after an attack. You can usually piece together what happened, especially if the attacker doesn’t rotate IP addresses during the attack. With a little poking around and after […]

Tags: , , , , , , , , ,

Posted in: Advertorial, Forensics | Add a Comment
movfuscator - Compile Into ONLY mov Instructions

movfuscator – Compile Into ONLY mov Instructions

The M/o/Vfuscator (short ‘o’, sounds like “mobfuscator”) helps programs compile into only mov instructions, and nothing else – no cheating. Arithmetic, comparisons, jumps, function calls, and everything else a program needs are all performed through mov operations; there is no self-modifying code, no transport-triggered calculation, and no other form of non-mov cheating. The compiler currently […]

Tags: , , , , , , , , ,

Posted in: Malware, Programming | Add a Comment
TeamViewer Hacked? It Certainly Looks Like It

TeamViewer Hacked? It Certainly Looks Like It

So is TeamViewer Hacked? There’s no definitive answer for now as they aren’t admitting to anything – but it does look very suspicious. The whole service was down for a few hours, the domains were apparently pointing to Chinese IP addresses (DNS Hijacking?) and no-one could login. A whole bunch of users also turned up […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment
Wfuzz - Web Application Brute Forcer

Wfuzz – Web Application Brute Forcer

Wfuzz is a Python based flexible web application brute forcer which supports various methods and techniques to expose web application vulnerabilities. This allows you to audit parameters, authentication, forms with brute-forcing GET and POST parameters, discover unlinked resources such as directories/files, headers and so on. A brute force attack is a method to determine an […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment