Automater - IP & URL OSINT Analysis

Automater – IP & URL OSINT Tool For Analysis

Automater is a URL/Domain, IP Address, and Md5 Hash OSINT tool aimed at making the analysis process easier for intrusion Analysts. Given a target (URL, IP, or HASH) or a file full of targets Automater will return relevant results from sources like the following: IPvoid.com, Robtex.com, Fortiguard.com, unshorten.me, Urlvoid.com, Labs.alienvault.com, ThreatExpert, VxVault, and VirusTotal. By […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment
Android Malware Giving Phones a Hummer

Android Malware Giving Phones a Hummer

So Android Malware has always been quite a problem, especially with it being so easy to install random .apk files and the proliferation of 3rd party app stores. Also so many people with rooted phones and the fact that software installed can root your phone and take complete control. The current worry is the Hummer […]

Tags: , , , , , , , , ,

Posted in: Malware | Add a Comment
Exploit Reliability Testing System

ERTS – Exploit Reliability Testing System

ERTS or Exploit Reliability Testing System is a Python based tool to calculate the reliability of an exploit based on the number of times the exploit is able to control EIP register with the desired address/value. It’s created to help you code reliable exploits and take the manual parts out of running and re-running exploits […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Programming | Add a Comment
OpenIOC - Sharing Threat Intelligence

OpenIOC – Sharing Threat Intelligence

OpenIOC is an open framework for sharing threat intelligence, sophisticated threats require sophisticated indicators. In the current threat environment, rapid communication of pertinent threat information is the key to quickly detecting, responding and containing targeted attacks. OpenIOC is designed to fill a void that currently exists for organizations that want to share threat information both […]

Tags: , , , , , , ,

Posted in: Countermeasures, Security Software | Add a Comment
Up1 - Client Side Encrypted Image Host

Up1 – Client Side Encrypted Image Host

Up1 is a client side encrypted image host that that can also encrypt text, and other data, and then store them, with the server knowing nothing about the contents. It has the ability to view images, text with syntax highlighting, short videos, and arbitrary binaries as downloadables. How it Works Before an image is uploaded, […]

Tags: , , , , , , , ,

Posted in: Cryptography, Privacy | Add a Comment
Criminal Rings Hijacking Unused IPv4 Address Spaces

Criminal Rings Hijacking Unused IPv4 Address Spaces

So apparently this Hijacking Unused IPv addresses has been going on for a while, but with quite a lot number of attempts recently it’s ramped up a LOT since the September announcement by ARIN about IPv4 depletion. There was only only 50 hijacking attempts between 2005 and 2015. Since September, ARIN has already seen 25 […]

Tags: , , , , , , , , ,

Posted in: Legal Issues, Network Hacking | Add a Comment
shadow - Firefox Heap Exploitation Tool (jemalloc)

shadow – Firefox Heap Exploitation Tool (jemalloc)

shadow is a new, extended (and renamed version) of a Firefox heap exploitation tool, which is quite a swiss army knife for Firefox/jemalloc heap exploitation. If you want to dive in really deep to this tool, and the technicalities behind it check this out – OR’LYEH? The Shadow over Firefox [PDF] Support shadow has been […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Programming | Add a Comment
Cuckoo Sandbox - Automated Malware Analysis System

Cuckoo Sandbox – Automated Malware Analysis System

Cuckoo Sandbox is Open Source software for automating analysis of suspicious files. To do so it makes use of custom components that monitor the behaviour of the malicious processes while running in an isolated environment. In other words, you can throw any suspicious file at it and in a matter of seconds Cuckoo will provide […]

Tags: , , , , , , , ,

Posted in: Countermeasures, Forensics, Malware, Security Software | Add a Comment
Intel Hidden Management Engine – x86 Security Risk?

Intel Hidden Management Engine – x86 Security Risk?

So it seems the latest generation of Intel x86 CPUs have implemented a Intel hidden management engine that cannot be audited or examined. We can also assume at some point it will be compromised and security researchers are labelling this as a Ring -3 level vulnerability. This isn’t a new issue though, people have been […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hardware Hacking | Add a Comment
FIDO - Automated Incident Response

Fully Integrated Defense Operation (FIDO) – Automated Incident Response

FIDO is an orchestration layer which enables an automated incident response process by evaluating, assessing and responding to malware. FIDO’s primary purpose is to handle the heavy manual effort needed to evaluate threats coming from today’s security stack and the large number of alerts generated by them. As an orchestration platform FIDO can make using […]

Tags: , , , , , , , ,

Posted in: Countermeasures, General Hacking, Security Software | Add a Comment