February 2018 - DigitalMunition

Shellen – Interactive Shellcoding Environment, In Which You Can Easily Craft Your Shellcodes

February 28th, 2018 📆 | 7877 Views ⚑

Shellen is an interactive shellcoding environment. If you want a handy tool to write shellcodes, then shellen may be your

New Mirai botnet variant OMG turn IoT devices into proxy servers

February 28th, 2018 📆 | 2588 Views ⚑

Since the source code for the Mirai botnet was released in 2016, FortiGuard Labs has discovered a number of Mirai-based variants. In addition

Protobuf-Inspector – Tool To Reverse-Engineer Protocol Buffers With Unknown Definition

February 28th, 2018 📆 | 5926 Views ⚑

Simple program that can parse Google Protobuf encoded blobs (version 2 or 3) without knowing their accompanying definition. It will print a

CrowdStrike Global Threat Report: extortion and weaponization of data have become mainstream among cybercriminals

February 28th, 2018 📆 | 6439 Views ⚑

Dissemination of advanced attack strategies advanced attack strategies has blurred the line between statecraft and espionage technologies, putting the threat beyond the defensive capabilities of

RastLeak: automatic leak information using Hacking with engine searches

February 27th, 2018 📆 | 6663 Views ⚑

Tool to automatic leak information using Hacking with engine searches How to install Install requirements with: git clone https://github.com/n4xh4ck5/RastLeak.git cd

Ports scanning using Metasploit

February 27th, 2018 📆 | 5036 Views ⚑

On your penetration testing, finding ports and services is important. In the real world, I exploited some systems by identifying open

Dozen vulnerabilities discovered in Trend Micro Linux-based Email Encryption Gateway

February 27th, 2018 📆 | 4940 Views ⚑

Security researchers at Core Security have discovered a dozen vulnerabilities in Trend Micro Linux-based Email Encryption Gateway. Security researchers at

CactusTorchDDEAUTO: Microsoft Office DDE Command Execution Without Needing Macros

February 27th, 2018 📆 | 5541 Views ⚑

Researchers have previously discovered that an attacker could use the DDE protocol to start malware through infected Office attachments, such

Researchers find free ransomware variant being distributed on the Dark Web

February 27th, 2018 📆 | 2207 Views ⚑

Security researchers have identified a ransomware variant that is available for free on the Dark Web and is even unregistered.

crlf-injector: Auto CRLF Injector

February 27th, 2018 📆 | 4264 Views ⚑

Installation pip install requests git clone https://github.com/rudSarkar/crlf-injector.git Usage $ python crlf.py Use $ python crlf.py domain_list.ext] crlf_payload] e.g $ python

contact.sh – An OSINT tool to find contacts in order to report security vulnerabilities

February 26th, 2018 📆 | 8088 Views ⚑

An OSINT tool to find contacts in order to report security vulnerabilities. Installation Linux Make sure you have installed the whois and jq packages. $ git

Mac malware Coldroot hasn’t detected by anti-virus engines for two years

February 26th, 2018 📆 | 1549 Views ⚑

Patrick Wardle, chief researcher at Digita Security, a security company, discovered a malware called Coldroot, a remote access Trojan (RAT). Although it was

gef v2018.02 releases: Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers

February 26th, 2018 📆 | 7192 Views ⚑

GEF – GDB Enhanced Features GEF is a kick-ass set of commands for X86, ARM, MIPS, PowerPC and SPARC to make

Check Point released January 2018’s Top 10 ‘Most Wanted’ Malware

February 26th, 2018 📆 | 2218 Views ⚑

The latest report from checkpoint, the security company, the Global Malware Threat Impact Index, online released the top 10 malware of January 2018,

CCleaner is infected with malware – everything you need to know

February 25th, 2018 📆 | 4521 Views ⚑

the latest version of the hacker attack hijacked to distribute the user with the back door of the malicious software,

meg+ – Automated Reconnaissance Wrapper

February 25th, 2018 📆 | 4484 Views ⚑

This wrapper will automate numerous tasks and help you during your reconnaissance process. The script finds common issues, low hanging fruit, and assists you

Revoke-Obfuscation – PowerShell Obfuscation Detection Framework

February 24th, 2018 📆 | 2690 Views ⚑

Revoke-Obfuscation is a PowerShell v3.0+ compatible PowerShell obfuscation detection framework. Authors Daniel Bohannon (@danielhbohannon) Lee Holmes (@Lee_Homes) Research Blog Post: https://www.fireeye.com/blog/threat-research/2017/07/revoke-obfuscation-powershell.html White Paper: https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/revoke-obfuscation-report.pdf

Hacking News

Google white hackers disclosed critical vulnerabilities in uTorrent clients

February 24th, 2018 📆 | 7529 Views ⚑

White hackers at Google Project Zero have discovered two critical remote code execution vulnerabilities in versions of BitTorrent’s web-based uTorrent

Pentest Tools

Invoke-Obfuscation_1_Invoke-Obfuscation Screenshot

Invoke-Obfuscation – PowerShell Obfuscator

February 24th, 2018 📆 | 5275 Views ⚑

Invoke-Obfuscation is a PowerShell v2.0+ compatible PowerShell command and script obfuscator. Purpose Attackers and commodity malware have started using extremely basic obfuscation techniques to

Hacking News

Bypassing device Guard UMCI with dnx.exe/rcsi.exe

February 24th, 2018 📆 | 7837 Views ⚑

New features introduced in Windows 10 Enterprise and Server 2016 Device Guard is a white list mechanism that can be

Pentest Tools

OWASP DependencyCheck – A Software Composition Analysis Utility That Detects Publicly Disclosed Vulnerabilities In Application Dependencies

February 23rd, 2018 📆 | 6272 Views ⚑

Dependency-Check is a utility that attempts to detect publicly disclosed vulnerabilities contained within project dependencies. It does this by determining if there