Betabot still alive with multi-stage packing.
This analysis was done in cooperation with Thomas (@securityimpacts [https://twitter.com/securityimpacts]). Check out his blog, he does awesome stuff there secu...
Command and control server in social media (Twitter, Instagram, Youtube + Telegram)
As a proof of concept, I wrote script which abuses social media in order to send commands to infected machines...
OSINT : Chasing Malware + C&C Servers
Looking for malware or command and control servers? I wrote a script named Daily dose of malware, which gather...
Stay up to date
and subscribe
Couple words about rsync protocol based on leak of 2k emails from Czech university.
I would like to show how misconfigured rsync protocol can lead to data breach or compromise company and how to secure yourself. To prove my point, I f...
How I Discovered 50k Australian Bank & Government Records (Data Breach) Online
Originally published on October 29th, 2017 TL;DR With help of AWS3dump and my poor coding skills I found database backups from 2016, on public amazon...
How To Scan Multiple Organizations With Shodan and Golang (OSINT)
I wrote a script in Go, which queries Shodan database based on given list of organizations. Next, I retrieve all bug bounty participants from Bugcrowd...