162 matches found
Acunetix WVS 10 远程代码执行漏洞 (System)
漏洞复现及分析 AWVS是一款常用的网站漏洞扫描工具,在漏洞扫描器进行扫描时,如果通过服务器提供一段包含恶意代码的页面,首先存在问题的网页会通知AWVS存在一个XSS漏洞,之后AWVS会在扫描任务中输出这个XSS漏洞的告警,之后AWVS会调用view response功能验证这个漏洞,在调用这个的过程中本地会执行一次漏洞的html网页,在执行的过程中,恶意构造的网页会在本地创建一个vb脚本,该脚本会去访问并获取另一段vb script从而执行而恶意代码,下面对此漏洞进行详细分析。 在分析之前,我需要提一点,本来想对wvs.exe进行动态跟踪,没想到wvs对debug有着严格的审查。...
GEF - Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers
GEF is aimed to be used mostly by exploiters and reverse-engineers. It provides additional features to GDB using the Python API to assist during the process of dynamic analysis or exploit development. GEF fully relies on GDB API and other Linux specific source of information such as /proc/pid . A...
CTF-Tools - Some setup scripts for security research tools
This is a collection of setup scripts to create an install of various security research tools. Of course, this isn't a hard problem, but it's really nice to have them in one place that's easily deployable to new machines and so forth. Installers for the following tools are included: Category | To...
Analyzing Linux Malware Sandbox: Limon
Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect the Linux malware before execution, during execution, and after execution post-mortem analysis by...
Linux Embedded Firmware Dynamic Analysis: FIRMADYNE
FIRMADYNE is an automated and scalable system for performing emulation and dynamic analysis of Linux-based embedded firmware. It includes the following components: modified kernels MIPS: v2.6.32 , ARM: v4.1 , v3.10 for instrumentation of firmware execution; a userspace NVRAM library to emulate a...
MobSF (Mobile Security Framework) - Mobile (Android/iOS) Automated Pen-Testing Framework
Mobile Security Framework MobSF is an intelligent, all-in-one open source mobile application Android/iOS automated pen-testing framework capable of performing static and dynamic analysis. We've been depending on multiple tools to carry out reversing, decoding, debugging, code review, and pen-test...
MALHEUR - Automatic Analysis of Malware Behavior
A novel tool for malware analysis Malheur is a tool for the automatic analysis of malware behavior program behavior recorded from malicious software in a sandbox environment. It has been designed to support the regular analysis of malicious software and the development of detection and defense...
Takeaway O2O App security analysis: the App vulnerability assessment platform technical details-vulnerability warning-the black bar safety net
In the mobile Internet and O2O tide swept under, the takeaway market is gradually entering the white-collar field, at BAT three giants throwing money to cultivate the market, white-collar workers have to change eating habits. As long as it is imprisoned in the white collar does not substantially ...
Renewed Attention on Android Apps Failing SSL Validation
SAN FRANCISCO – Android developers whose apps fail to validate SSL certificates are on notice; not only are researchers scanning apps making insecure connections, but so is Google. And the hammer may fall soon. Will Dormann, a researcher with CERT at the Software Engineering Institute at Carnegie...
FBI to Open Up Malware Investigator Portal to External Researchers
SEATTLE–The FBI has developed an internal malware-analysis tool, somewhat akin to the systems used by antimalware companies, and plans to open the system up to external security researchers, academics and others. The system is known as Malware Investigator and is designed to allow FBI agents and...
Hooker - Automated Dynamic Analysis of Android Applications
Hooker is an opensource project for dynamic analysis of Android applications. This project provides various tools and applications that can be use to automaticaly intercept and modify any API calls made by a targeted application. It leverages Android Substrate framework to intercept these calls a...
Hook Analyser 3.1 - Malware Analysis Tool
Hook Analyser is a freeware application which allows an investigator/analyst to perform “static & run-time / dynamic” analysis of suspicious applications, also gather analyse & co-related threat intelligence related information or data from various open sources on the Internet. Essentially it’s a...
Dynamic Analysis tools for Android Fail to Detect Malware with Heuristic Evasion Techniques
We are quite aware of the Android malware scanner Google’s Bouncer that tests the apps by running them in a virtualized environment i.e. a simulated phone created in software which automatically scans the apps to watch its real behaviour on users’ devices, before approving them to the Play Store...
FakeNet - Windows Network Simulation tool for Malware Analysis
FakeNet is a tool that aids in the dynamic analysis of malicious software. The tool simulates a network so that malware interacting with a remote host continues to run allowing the analyst to observe the malware’s network activity from within a safe environment. The goal of the project is to: 1. ...
[Arachni v0.4.6 - Web User Interface v0.4.3] Open Source Web Application Security Scanner Framework
Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. Arachni is smart, it trains itself by learning from the HTTP responses it receives during the audit process. Unlike other...
[Malheur v0.5.4] Malware Analyzer
Malheur is a tool for the automatic analysis of malware behavior program behavior recorded from malicious software in a sandbox environment. It has been designed to support the regular analysis of malicious software and the development of detection and defense measures. Malheur allows for...
[Drozer] The Leading Security Testing Framework for Android.
drozer enables you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the underlying OS. drozer provides tools to help you use and share public Android exploits. It helps you to deploy a droze...
Mercury v1.0 - Framework for bug hunters to find Android vulnerabilities
Mercury v1.0 - Framework for bug hunters to find Android vulnerabilities A free framework for bug hunters to find vulnerabilities, write proof-of-concept exploits and play in Android. Use dynamic analysis on Android applications and devices for quicker security assessments. Share publicly known...
Remember the vulnerability analysis for the first time-the vulnerability warning-the black bar safety net
Just getting started in heroic and wretched kk under the guidance of the analysis of the first vulnerability program, today writing from scratch process. The vulnerability program is in ahttp://www.exploit-db.com/exploits/17854/to download, this site provides not only the vulnerability of the...
Qualys and Malware Analyser - Online malware scanning engine !
Qualys and Malware Analyser - Online malware scanning engine ! Qualys and Malware Analyser Author : Beenu Arora, recently came into an agreement which will allow Qualys to use Malware Analyser tool on its online malware scanning engine. This would enable the users to perform more comprehensive...