Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor

A previously undocumented backdoor named Msupedge has been put to use against a cyber attack targeting an unnamed university in Taiwan. "The most notable feature of this backdoor is that it communicates with a command-and-control C&C server via DNS traffic," the Symantec Threat Hunter Team, part ...

Russian Power Companies, IT Firms, and Govt Agencies Hit by Decoy Dog Trojan

Russian organizations are at the receiving end of cyber attacks that have been found to deliver a Windows version of a malware called Decoy Dog. Cybersecurity company Positive Technologies is tracking the activity cluster under the name Operation Lahat, attributing it to an advanced persistent...

Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems

Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea. "Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse shell, allowing threat actors to easily take control of...

Decoy Dog: New Breed of Malware Posing Serious Threats to Enterprise Networks

A deeper analysis of a recently discovered malware called Decoy Dog has revealed that it's a significant upgrade over the Pupy RAT, an open-source remote access trojan it's modeled on. "Decoy Dog has a full suite of powerful, previously unknown capabilities – including the ability to move victims...

New Decoy Dog Malware Toolkit Uncovered: Targeting Enterprise Networks

An analysis of over 70 billion DNS records has led to the discovery of a new sophisticated malware toolkit dubbed Decoy Dog targeting enterprise networks. Decoy Dog , as the name implies, is evasive and employs techniques like strategic domain aging and DNS query dribbling, wherein a series of...

New Decoy Dog Malware Toolkit Uncovered: Targeting Enterprise Networks

An analysis of over 70 billion DNS records has led to the discovery of a new sophisticated malware toolkit dubbed Decoy Dog targeting enterprise networks. Decoy Dog, as the name implies, is evasive and employs techniques like strategic domain aging and DNS query dribbling, wherein a series of...

Decoy dog toolkit plays the long game with Pupy RAT

Researchers at Infoblox have discovered a new toolkit being used in the wild called Decoy Dog. It targets enterprises, and has a fondness for deploying a remote access trojan called Pupy RAT. Activity from the RAT was first noticed earlier this month. Subsequent research revealed that it has been...

Threat Actors Using WerFault.exe to Deploy Pupy RAT

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Pupy RAT malware is using a technique called DLL side-loading to disguise itself as the legitimate WerFault.exe process in order to evade detection. The malware is delivered via an ISO image that...

BeRoot For Windows - Privilege Escalation Project

BeRoots is a post exploitation tool to check common Windows misconfigurations to find a way to escalate our privilege. A compiled version is available here. It will be added to the pupy project as a post exploitation module so it will be executed in memory without touching the disk. Except one...

Pupy - Opensource, Cross-Platform (Windows, Linux, OSX, Android) Remote Administration And Post-Exploitation Tool

Pupy is an opensource, cross-platform Windows, Linux, OSX, Android, multi function RAT Remote Administration Tool and post-exploitation tool mainly written in python. It features a all-in-memory execution guideline and leaves very low footprint. Pupy can communicate using various transports,...

LaZagne v2.2 - Credentials Recovery Project

The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques plaintext, APIs, custom algorithms, databases, etc.. This tool has been developed for the purpose of finding these passwor...

Open Source Cross Platform RAT: Pupy

Open Source Cross Platform RAT: Pupy Pupy is an opensource, cross-platform Windows, Linux, OSX, Android, multi function RAT Remote Administration Tool and post-exploitation tool mainly written in python. It features a all-in-memory execution guideline and leaves very low footprint. Pupy can...

Auto Backdooring Utility: backdoorme

Auto Backdooring Utility Backdoorme is a powerful utility capable of backdooring Unix machines with a slew of backdoors. Backdoorme uses a familiar metasploit interface with tremendous extensibility.Backdoorme relies on having an existing SSH connection or credentials to the victim, through which...