This is a short post about LFISuite, an open source local file inclusion scanner and exploiter that is coded in Python. It supports multiple attack points and also has TOR proxy support. We all know that Local File Inclusion (also known as LFI) is a process of "including" locally present files, through the exploitation of vulnerable inclusion procedures implemented in the application that accepts un-sanitized input. Read more about LFISuite: An Automatic LFI Exploiter & Scanner!
If you read this blog, you must have read an earlier post titled - List of Raspberry Pi DIY Projects for Anonymity! Though that post dealt with DIY projects about anonymity, this post is about WarBerryPi, which is more of a device for offensive activities such as red teaming, built on the versatile Raspberry Pi platform. The name WarBerryPi was conceived by the author because the red team / blue team nomenclature is based on military terms. This tool allows you to plug it in Read more about WarBerryPi: Red Teaming Hardware Implant!
All of us know that in file format fuzzing, we fuzz different aspects of a file such as flags, file format constraints, structures etc. by generating multiple malformed samples, opening them and waiting for the program crash. We then process the generated debug information to find out if we found something interesting in the crash. Surprisingly, there is a dearth of file format fuzzers. However, we now have OpenXMolar for the Microsoft Windows operating system. Read more about OpenXMolar: A OpenXML File Format Fuzzing Framework!
Recently, we posted about HatCloud, a different tool which identifies CloudFlare protected IP addresses. This post is about CloudFail, a tool which detects CloudFlare protected hosts and then some more. Read more about CloudFail: Detect CloudFlare Secured Hosts!
This short post is about a simple tool named cignotrack, which comes close on the heels of my older posts about tools such as Belati, DataSploit and PowerMeta. This open source script helps you test a domain's privacy settings and track its social media presence. Read more about [SHORT POST] cignotrack: A Simple Metadata Analyzer!
If you are not aware of it, multiple rootkit and malware sources are listed on the malware sources page of this blog. The reason I mention this is that the author of the well-known vlany rootkit has recently released a suid-based PHP root reverse shell backdoor - snodew! Read more about snodew: A suid Based PHP Root Reverse Shell Backdoor!
Malware is always getting smarter and trying to outsmart our generic detection methodologies. One of the first ways it avoids detection is by checking whether the executing environment is a virtual machine (VM). There are multiple ways to do that: Red Pill by Joanna Rutkowska, inspecting the descriptor tables and registers returned by instructions such as Store Interrupt Descriptor Table (SIDT), Store Local Descriptor Table (SLDT), Store Global Descriptor Table (SGDT) and Store Task Register (STR), and checking for well known registry Read more about Antivmdetection: Thwart Virtual Machine Detection!