Jun 18, 2020AD Pentesting, Windows Persistence and Malware AnalysisAD Pentesting, Windows Persistence and Malware Analysis Wondering what courses you can take during this CORONA era? Here are a few courses that I am taking at the moment and I am really pleased with how its going. Active Directory Pentesting — This course from ‘Pentester Academy’ is a good…Active Directory2 min read
Jun 16, 2020YAGIT(Yet Another Get Injected Thread) ….YAGIT(Yet Another Get Injected Thread) …. This post looks into the process of trying to ascertain if a process has a thread injected into it. I know the method and the way to discover if a thread has been injected, this is just me reminiscing these, as notes. A long…Malware4 min read
Sep 12, 2019Polymorphic Shellcode — SecurityTube Linux Assembly Expert 32 bit — Exercise 6Onward to the SLAE32 exercise series, today we have the exciting world of polymorphic shellcodes. Lets define it before we delve into it. polymorphic(adjective) : occurring in several different forms, in particular with reference to species or genetic variation. That is the dictionary meaning of the word and in our…Programming4 min read
Aug 30, 2019Msfvenom shellcode commentary — SecurityTube Linux Assembly Expert 32 bit — Exercise 5Continuing the series on SLAE32 based exercises, today we will look into 3 MSF(Metasploit Framework) payloads, namely: linux/x86/read_file linux/x86/exec linux/x86/adduser [1]. The first payload is a read_file payload, lets see what it does according to msfvenom(the cmdline utility that handles payload generation/encoding etc.. as part of the MSF suite) For…Shellcode8 min read
Aug 19, 2019Flare On 2019 ChallengeFlare On 2019 Challenge I have been playing this year’s Flare On Challenge and its been mighty fun so far. The amount of thought that goes into making the challenges…Reverse Engineering1 min read
Aug 19, 2019Malware Analysis — Journey into PackersMalware Analysis — Journey into Packers I have been wanting to write about Malware Analysis and trying to think about a topic that would be a good segway into understanding the domain of Malware but not Malware per se — ‘Packers’ Packer(n): A tool that compresses, encrypts and/or encodes/modifies a…Malware Analysis5 min read
Aug 8, 2019Encoded/Obfuscated shellcode — SecurityTube Linux Assembly Expert 32 bit — Exercise 4Encoded/Obfuscated shellcode — SecurityTube Linux Assembly Expert 32 bit — Exercise 4 In the last section/exercise we saw how to craft an egg-hunter and test it out for different payloads. In this section we will pivot a bit and talk about trying to make our shellcodes obfuscated so that its…Programming5 min read
Jul 27, 2019Egg Hunter Shellcode — Security Tube Linux Assembly Expert 32bit - Exercise 3Egg Hunter Shellcode — Security Tube Linux Assembly Expert 32bit - Exercise 3 In the last post we saw how do we go about crafting a reverse shell TCP shellcode. In this post we will look into the egg hunter shellcode crafting. …Programming6 min read
Jul 16, 2019Reverse TCP shell — Security Tube Linux Assembly Expert 32 bit — Exercise 2Reverse TCP shell — SecurityTube Linux Assembly Expert 32 bit — Exercise 2 In the last post we saw how to craft a port binding shellcode, in this post we will look into the method/process of crafting a reverse TCP shell. We will go through the basics of a reverse…Web Development4 min read
Jul 9, 2019Port Binding Shellcode — Security Tube Linux Assembly Expert 32 bit — Exercise 1Port Binding Shellcode — SecurityTube Linux Assembly Expert 32 bit — Exercise 1 In this exercise we will go through the basics of a port binding shellcode and understand the motivation behind it. This is one of the foundational shellcode in the sense that this is an easy or simple…Shellcode4 min read
