Getting Domain Information
1. Introduction When analyzing malware we can gather a lot of information just by identifying the IP addresses and domains the malware uses. Most malware programs use DNS addresses to find the resources online. The domain resolution system is a system where we provide a hostname which is ...
Environment for Malware Analysis
Introduction Before trying to analyze any kind of malware, we need to have a proper environment set up, so we can be most efficient and collect the most information from the malicious executable without getting ourselves infected. The best thing to do in such cases is have a virtual machine ...
PDF File Format: Basic Structure
1. Introduction We all know that there are a number of attacks where an attacker includes some shellcode into a PDF document, which uses some kind of vulnerability in how the PDF document is analyzed and presented to the user to execute malicious code on the targeted system. The next ...
Wfuzz and WebSlayer
1. Introduction Wfuzz is a web application bruteforcer that can be considered an alternative to Burp Intruder as they both have some common features. With both Wfuzz and Burp Intruder we can bruteforce different web application elements, like GET/POST parameters, cookies, forms, directories, files, HTTP headers, etc. If we ...
Network Topology
1. Introduction Whenever we're doing a penetration test, it's good to figure out the topology of the network we're testing. We can't figure out the whole topology, because we don't have access to their internal network, but even if we manage to figure out part ...
Q: A Collection of Metasploit Modules Not Accepted to Main Trunk for Various Policy or Quality Reasons
Introduction I guess we all know what Metasploit is, so we don't really need to present to the reader the basics of Metasploit. But it's still useful if we present the types of modules Metasploit has. Metasploit has the following types of modules: Auxiliary Modules: perform scanning ...
Hacking SVN, GIT, and MERCURIAL
1. Introduction We all know that when programming with a small or large team, having a revision control in place is mandatory. We can choose from a number of revision control systems. The following ones are in widespread use worldwide: CVS Was one of the first revision control systems, and ...
Hacking PDF: util.printf() Buffer Overflow: Part 2
For part 1 of this series, click here. 1. Introduction In the previous part we've seen the structure of the PDF document and extracted the JavaScript contained in object 6. We also determined that the extracted JavaScript is run when the PDF document is opened. Now it's time ...
Filter Evasion: Part 2
For part 1 of this series, please click here. Methods for Bypassing a Filter There are a number of different attack strings that can be used to bypass a filter and still pass malicious data to the target application. Before looking at them, it's better to first look at ...
Filter Evasion: Part 1
1. Introduction First we must talk about vulnerabilities. We know that vulnerabilities that are present in any kind of software can be exploited by accepting the right input data, and parsing and executing it without checking it for malicious strings. Thus, vulnerabilities are present in software products because the programmers ...