Wanacrypt: What Do We Know About It As Of Now?

Since Friday this week has been most eventful because of a malware – Wanacrypt, infecting thousands of computer networks in a jiffy. As speculated, it leveraged a very potent exploit that was made public by the Shadow Brokers. The name of the exploit is ETERNALBLUE, which was used by the Equation Group to exploit a large number of systems right untill Windows 10. List of Equation Group Exploits lists the exploits and their targets.

Wanacrypt
Wanacrypt

Continue reading “Wanacrypt: What Do We Know About It As Of Now?”

Docker IDA: The Large Scale Reverse Engineering System!

Docker containers are the future! It surely seems so from the myriad projects that are being ‘dockerized’! One such cool project is Docker IDA, your answer for large scale reverse engineering, which allows you to run IDA Pro disassembler in Docker containers for automating, scaling and distributing the use of IDAPython scripts.

Docker IDA
Docker IDA

Continue reading “Docker IDA: The Large Scale Reverse Engineering System!”

Cuckoo Sandbox: An Automated Malware Analysis System!

Much has been said about Cuckoo Sandbox over the years – on the older PenTestIT blog and at other places, which means that most of us know what this automated malware analysis system is capable of! The reason behind this post is that a few minutes ago, Cuckoo Sandbox 2.0.0 was released!

Cuckoo Sandbox
Cuckoo Sandbox

Continue reading “Cuckoo Sandbox: An Automated Malware Analysis System!”

LIEF: Cross-Platform Library to Interact With ELF, PE and Mach-O Formats!

While there are multiple platform dependent libraries such as pefile, pyelftools, pwntools in Python and objdump and similar tools. Now, there is LIEF, an open source cross platform library to parse, modify and abstract ELF, PE and MachO file formats.

LIEF
LIEF

Continue reading “LIEF: Cross-Platform Library to Interact With ELF, PE and Mach-O Formats!”