Wanacrypt: What Do We Know About It As Of Now?

This week has been most eventful since Friday because of a piece of malware, Wanacrypt, which infected thousands of computer networks in a jiffy. As speculated, it leveraged a very potent exploit that was made public by the Shadow Brokers. The exploit is named ETERNALBLUE, and it was used by the Equation Group to exploit a large number of systems, right up to Windows 10. The List of Equation Group Exploits lists the exploits and their targets.


Cuckoo Sandbox: An Automated Malware Analysis System!

Much has been said about Cuckoo Sandbox over the years – on the older PenTestIT blog and at other places, which means that most of us know what this automated malware analysis system is capable of! The reason behind this post is that a few minutes ago, Cuckoo Sandbox 2.0.0 was released!


LIEF: Cross-Platform Library to Interact With ELF, PE and Mach-O Formats!

There are multiple platform-dependent libraries such as pefile, pyelftools and pwntools in Python, as well as objdump and similar tools. Now there is LIEF, an open source cross-platform library to parse, modify and abstract ELF, PE and Mach-O file formats.
