Analysis of Shadow Brokers Release – Operation Center

We have always been curious about what goes on inside state-sponsored security agencies like the NSA (National Security Agency). Since the agency is known to have run multiple spying operations in the past to track criminals and terrorists, it might sometimes need zero-day exploits to get into targeted […]

Episode 3 – Shellcode Analysis with APITracker

Text: Audience Level: Beginner to Medium. A few months back we released our new tool, APITracker. The idea behind the tool is more mature than the tool itself. Using APITracker we can hook APIs from DLLs on a large scale to track the execution of a sample. APITracker is based on the pydbg Python debugger. Before we move […]

Hype vs Truth: State of Detection Technologies

Introduction: Sensors were bleeping, but high-value assets still got compromised; the emergency response team was called in and asked the most important question: “We have detection technology from five vendors, how is that possible?” A piece of code bypassed the world’s most innovative detection technologies. It is not a simple situation […]

Cyber Security with Amit Malik – Episode 2 – Macro Code De-obfuscation using Vbscript Debugger

Video: Text: Audience Level: Internet user, Mid-level Analyst Prerequisite: Programming Language Introduction: Obfuscation: https://en.wikipedia.org/wiki/Obfuscation_(software) Infection Method: Malicious documents are mostly delivered through email campaigns. The attacker sends a tailored email to the victim with a malicious attachment or a malicious web link. Once the victim opens the malicious document, it will download the […]

APITracker – Windows API Tracing tool

APITracker is a major update to our tool Malpimp. It follows the same methodology for hooking and reporting, but with an enhanced feature set and more stable logging options. New to APITracker: 1. Server Logging: APITracker can send the API logs to a remote server, so you don’t have to worry about ransomware etc. 2. Parameters: APITracker […]

Cyber Security with Amit Malik – Episode 1 – Macro Analysis

Video Link: Text: Audience Level: Beginner, Internet user Prerequisite: Python programming language Introduction: This week I will discuss macro analysis, since macros are one of the top threats today for compromising/infecting endpoint machines. These days macro-based downloaders deliver ransomware, POS malware and banking trojans, so the investigation of […]