On June 29th 2017, WikiLeaks published documents about the CIA OutlawCountry project that targets computers running the Linux operating systems. Such releases have been code-named "Vault 7" by WikiLeaks. This is a post about a simple method with which you can verify for your self if your system has been a target of this malicious Linux kernel module. Read more about How to: Detect OutlawCountry on YOUR System?
Archives for July 2017
WinPayloads: Generate Undetectable Windows Payloads!
An older post of mine - MicroSploit dealt with generating backdoored documents for the Office platform. This post is about another open source framework, called WinPayloads which helps you create custom malicious payloads for the Microsoft Windows operating system. Read more about WinPayloads: Generate Undetectable Windows Payloads!
UPDATE: OWASP Dependency-Check 2.0.1!
My first post about this OWASP project can be found here. This post discusses the changes made to the open source software composition analysis utility in the latest release yesterday. This is the OWASP Dependency-Check 2.0.1! Read more about UPDATE: OWASP Dependency-Check 2.0.1!
Apache Struts2 Showcase Remote Code Execution! (S2-048)
Seems like yesterday when S2-045, the Jakarta Multipart vulnerability was being actively exploited in the wild which allowed remote attackers to execute arbitrary code. A few hours ago a new equally exploitable advisory - S2-048 was made public by the Apache foundation! This is a quick write up to see if we can test an exploit for the Apache Struts2 vulnerability and create a Read more about Apache Struts2 Showcase Remote Code Execution! (S2-048)
Zeus: Audit & Harden Your AWS Installations!
You must have read my last post about Prowler, a full featured and open source tool that automates auditing and hardening guidance of an AWS account. It performs 52 checks based on CIS Amazon Web Services Foundations Benchmark 1.1. If you are looking for a smaller set of checks, then you have another option - Zeus. Read more about Zeus: Audit & Harden Your AWS Installations!