Boozt Fashion AB: Application code is not obfuscated -- OWASP M9 (2016)

Description : Boost android app is not obfuscated which lead to view the source code of the app. Impact : Attackers can steal code and reuse it or sell it to create new application or create a malicious fake application based on the initial one. POC : Step 1 : First, I did the basic reverse...

New Variant of Ploutus ATM Malware Observed in the Wild in Latin America

Introduction Ploutus is one of the most advanced ATM malware families we’ve seen in the last few years. Discovered for the first time in Mexico back in 2013, Ploutus enabled criminals to empty ATMs using either an external keyboard attached to the machine or via SMS message, a technique that had...

Gratipay: An adversary can harvest email address for spamming.

The website is displaying email address. These email address can be harvested by automated programs called bots and then used as a target for spamming. 1. Use any Email extractor tool or Add on. Here I have used Chrome Email Extractor Add on offered by Mr. Alien. 2. In Browser open...

[Weevely v1.1] Stealth tiny PHP web shell

Weevely is a stealth PHP web shell that provides a telnet-like console. It is an essential tool for web application post exploitation , and can be used as stealth backdoor or as a web shell to manage legit web accounts, even free hosted ones. Weevely is currently included in Backtrack and Backbox...

PHP Code Obfuscation

Binary data 6926.prm...

Hackers Pinch Obfuscation Technique From DEFCON Presentation

UPDATE: Feds aren’t the only ones who are paying attention to the demonstrations at security conferences like Black Hat and DEFCON – the folks who actually don the black hats are, also. That point was driven home this week by Kaspersky Lab researcher Marta Janus, who blogged about an interesting...

Image of the Day: Dissecting The ZeroAccess Crimeware

We know a lot about the effects of malicious programs like rootkits and Trojan downloaders. The job of finding out exactly how the programs work, however, is painstaking. That’s because most malware authors worth their salt take steps to make their creations hard to understand. Code obfuscation a...

Perl2Exe 1.0 95.0 26.0 - Code Obfuscation

Perl2Exe 1.0 95.0 26.0 - Code Obfuscation source: https://www.securityfocus.com/bid/6909/info Perl2Exe obfuscates Perl source code using a reversible algorithm when converting it to an executable format. This occurs when the "encrypt" option is selected. Those who use Perl2Exe with the expectatio...

Perl2Exe 1.0 9/5.0 2/6.0 - Code Obfuscation

source: https://www.securityfocus.com/bid/6909/info Perl2Exe obfuscates Perl source code using a reversible algorithm when converting it to an executable format. This occurs when the "encrypt" option is selected. Those who use Perl2Exe with the expectation that the source code will be concealed...