[Malwasm] Offline debugger for malware's reverse engineering

Malwasm is a tool based on Cuckoo Sandbox available here. Malwasm was designed to help people that do reverse engineering. Malwasm step by step: the malware to analyse is executed through Cuckoo Sandbox during the execution, malwasm logs all activites of the malware with pintool all activities ar...

Faircom c-treeACE database weak obfuscation algorithm vulnerability

Overview Faircom c-treeACE provides a weak obfuscation algorithm CWE-327 that may be unobfuscated without knowledge of a key or password. The algorithm was formerly called Faircom Standard Encryption but is now called Data Camouflage. Description Faircom c-treeACE provides a weak obfuscation...

[aidSQL] A tool that will aid you when trying to find vulnerable spots in your site

Is a PHP application provided for detecting security holes in your website/s. It's a modular application, meaning that you can develop your very own plugins for SQL injection detection & exploitation. 2013-05-27 NEW aidSQL Release which supports MS SQL SERVER 2000 Database injection and reverse...

Mobile Forensics: Santoku

Santoku is a platform for mobile forensics, mobile malware analysis and mobile application security assessment. The free Santoku Community Edition is a collaborative project to provide a pre-configured Linux environment with utilities, drivers and guides for these areas. Boot into Santoku and get...

CALL FOR PAPERS - The Hackers Conference 2013

The call for papers for The Hackers Conference 2013 is now open. THC2013 is a hacker conference taking place in New Delhi, India on August 25th, 2013. The Hackers Conference is an unique event, where the best of minds in the hacking world, leaders in the information security industry and the cybe...

CALL FOR PAPERS - The Hackers Conference 2013

The call for papers for The Hackers Conference 2013 is now open. THC2013 is a hacker conference taking place in New Delhi, India on August 25th, 2013. The Hackers Conference is an unique event, where the best of minds in the hacking world, leaders in the information security industry and the cybe...

[REMnux] A Linux Distribution for Malware Analysis

REMnux incorporates a number of tools for analyzing malicious executables that run on Microsoft Windows, as well as browser-based malware, such as Flash programs and obfuscated JavaScript. This popular toolkit includes programs for analyzing malicious documents, such PDF files, and utilities for...

[Dexter] A Free Tool for Mobile (Android) Malware Analysis

Bluebox Labs just released Dexter, a free tool which wants to help information security professionals and malware analysts to analyze Android mobile applications in order to find malware and vulnerabilities. .png Dexter combines manual and automatic static program analysis to provide a better...

Reverse engineering, Malware and Goodware analysis of Android applications: Androguard

Androguard is a full python tool to play with Android files. DEX, ODEX APK Android’s binary xml Android resources Disassemble DEX/ODEX bytecodes Decompiler for DEX/ODEX files You can either use the cli or graphical frontend for androguard, or use androguard purely as a library for your own tools...

Gameover Zeus Variant Sends Malicious Email Via Cutwail Botnet

The crew responsible for operating the Gameover variant of the infamous Zeus banking trojan is soliciting the enormous Cutwail botnet’s spamming capacity as an engine to fire off millions of malicious emails that seemingly originate from a number of recognizable U.S. banks. The fraudulent emails...

More VMware ESX Source Code Posted Online

For the third time this year, VMware ESX source code has been posted online. A hacker known as Stun claiming to be affiliated with Anonymous tweeted a link to a torrent site hosting the stolen VMkernel source code. VMware director of platform security Iain Mulholland acknowledged the breach on...

Anonymous leaks VMware ESX Server Kernel source code

Anonymous group member "Stun" announce the leak of VMware ESX Server Kernel source code via twitter today. The tweet reads, "WILD LEAKY LEAK. FULL VMware ESX Server Kernel LEAKED LINK Anonymous AntiSec". VMware ESX is an enterprise-level computer virtualization product offered by VMware. The reas...

Startup CrowdStrike Launches Crowd-Sourced Platform for Malware Analysis

Venture funded startup CrowdStrike has launched a new platform that will allow security researchers to work collaboratively to reverse engineer and analyze malicious code. The new platform, CrowdRE, was designed to resemble conventional software version control systems, with features that allow...

Apple Details iOS Security Features in New Guide

Apple has released a detailed security guide for its iOS operating system, an unprecedented move for a company known for not discussing the technical details of its products, let alone the security architecture. The document lays out the system architecture, data protection capabilities and netwo...

The Hackers Conference 2012 Call For Papers #THC2012

We are extremely delighted to announce the Call for Papers for The Hackers Conference 2012 It is a unique event, where the elite of the hacker world, leaders in the information security industry and the Internet community meet face to face to join their efforts to cooperate in addressing the most...

Iran Replicating Captured U.S. Drone RQ-170 Sentinel

Iran Replicating Captured U.S. Drone RQ-170 Sentinel Iranian military aerospace chief General Amir Ali Hajizadeh was quoted having said:"The Americans should be aware to what extent we have infiltrated the plane." Iran has broke the encryption codes and begun construction of a replica of the Unit...

Navy Hires Contractor to Data-Mine Gaming Consoles

The U.S. Navy recently hired an outside contractor, Obscure Technologies, to develop computer forensics tools capable of analyzing network traffic and stored data on gaming consoles. The contract, valued at $177,237.50, calls on Obscure Technologies to create hardware and software tools that can ...

Oreans Themida 2.1.8.0 - '.TMD' File Handling Buffer Overflow

/ Oreans Themida v2.1.8.0 TMD File Handling Buffer Overflow Vulnerability Vendor: Oreans Technologies Product web page: http://www.oreans.com Affected version: 2.1.8.0 32/64bit Summary: Advanced Windows software protection system, developed for software developers who wish to protect their...

Oreans Themida v2.1.8.0 TMD File Handling Buffer Overflow Vulnerability

Exploit for windows platform in category local exploits / Oreans Themida v2.1.8.0 TMD File Handling Buffer Overflow Vulnerability Vendor: Oreans Technologies Product web page: http://www.oreans.com Affected version: 2.1.8.0 32/64bit Summary: Advanced Windows software protection system, developed...

Carbylamine PHP Encoder - Make PHP files Fully Undetectable from Antivirus

Carbylamine PHP Encoder - Make PHP files Fully Undetectable from Antivirus Carbylamine PHP Encoder is a PHP Encoder for obfuscating/encoding PHP files so that antivirus detection signatures can be bypassed. High Security PHP Encoder Stops unauthorized personnel from reading, modifying and reverse...