Uchihash - A Small Utility To Deal With Malware Embedded Hashes

Uchihash is a small utility that can save malware analysts the time of dealing with embedded hash values used for various things such as: Dynamically importing APIs especially in shellcode Checking running process used by analysts Anti-Analysis Checking VM or Antivirus artifacts Anti-Analysis...

Bypassing MassLogger Anti-Analysis — a Man-in-the-Middle Approach

The FireEye Front Line Applied Research & Expertise FLARE Team attempts to always stay on top of the most current and emerging threats. As a member of the FLARE Reverse Engineer team, I recently received a request to analyze a fairly new credential stealer identified as MassLogger. Despite the la...

TuxResponse - Linux Incident Response

TuxResponse is incident response script for linux systems written in bash. It can automate incident response activities on Linux systems and enable you to triage systems quickly, while not compromising with the results. Usually corporate systems would have some kind of monitoring and control, but...

CVE-2018-3100

Vulnerability in the Oracle Business Process Management Suite component of Oracle Fusion Middleware subcomponent: Process Analysis & Discovery. Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows...

Subaru car software vulnerability analysis—never a failure of token-vulnerability warning-the black bar safety net

Not long ago, one from California car, information security researcher Aaron Guzman, in Australia, held a computer security conference to introduce a black into the Subaru car of the method. In his own 2017 Subaru WRX STI was found in a surprising number of software vulnerabilities, through these...

CVE-2 0 1 6-1 7 5 7 a simple analysis-vulnerability warning-the black bar safety net

Recent 1 0. 1 1. 4 patch fixes a use condition of competition to get code execution permissions of vulnerability after the kernel source code as well as poc to understand after the first of the issues to make a simple analysis. 0x01 basics 1.1 the exec function to process I'm in the OSX kernel to...

Unibody Memory Analysis -- Introducing Memoryze™ for the Mac 1.0

Today, Mandiant is introducing a new free tool, Memoryze™ for the Mac 1.0, which brings memory imaging and analysis to the Mac. It joins a growing list of freeware tools Mandiant currently provides. Memoryze™ for the Mac 1.0 brings many of the features of Memoryze™ to the Apple Macintosh platform...

Qualys and Malware Analyser - Online malware scanning engine !

Qualys and Malware Analyser - Online malware scanning engine ! Qualys and Malware Analyser Author : Beenu Arora, recently came into an agreement which will allow Qualys to use Malware Analyser tool on its online malware scanning engine. This would enable the users to perform more comprehensive...

Against three stunt--talking about the Trojans of“the search, blocking, kill”-bug warning-the black bar safety net

RFC1244Request for Comments:1 2 4 4is this description of the Trojan:“the Trojan horse is a program, it can provide some useful, or just interesting features. But it is also the user did not know the other functions, such as in your ignorance of the case copy the file or steal your password.” Wit...