[Malware Classifier] Malware Analysis Tool - Adobe

In this post I am going to talk about a new tool: "Adobe Malware Classifier", this is a command-line tool that lets antivirus analysts, IT administrators, and security researchers quickly and easily determine if a binary file contains malware, so they can develop malware detection signatures faster, reducing the time in which users' systems are vulnerabl...

Read More

(D)DoS Deflate - A script designed to Block a Denial of Service Attack

Nowadays a common problem for many companies is Distributed Denial of Service Attack (DDoS), so in this post is explained: what is a DDoS and a possible solution for it? Distributed Denial of Service (DDoS): In computing, this attack is an attempt to make a machine (usually a web server) or a network resource unavaliable to its intended users, the reasons for this attack may vary, but it generally consists of efforts to temporarily or indefinitely...

Read More

ESET Security Challenge - Solution

Figure 1: New Search Engine in Development Scenario: A malicious code had access to a small enterprise of web developers, who are working on building a new search engine that will be participating on the market. Figure 1 shows a screenshot of the new project. To verify the functionalities of this new search engine, we are going to make some tests. First, we will enter the word "trololo" to see the results. The server response to the request...

Read More

Cracking a Simple Application (ByPass Login)

In this post I am going to explain how to solve a "Crackme" challenge that I found on the Internet, in this example you can see a Login form but we don't know the Username or the Password, so what do you think could be a possible solution?, or the first step to solve it?...

Read More

How can you be fooled by the U+202E trick?

A common technique, used by malicious attackers to fool their victims, is using the Unicode special character U+202E known as an annulment from right to left to make the malicious file appears as a PDF document instead of a potentially dangerous executable file. To understand this concept, let's imagine that our malicious file is "document.exe" (see Figure 1): Figure 1: Malicious file recently created with no changes. Now we are going...

Read More

Test if your Anti-Malware suite is good enough to Protect your Computer

EICAR Test File The EICAR Standard Anti-Virus Test File or EICAR test file is a computer file that was developed by the European Institute for Computer Antivirus Research (EICAR) and Computer Antivirus Research Organization (CARO), to test the response of computer antivirus (AV) programs. Instead of using real malware, which could do real damage, this test file allows people to test anti-virus software without having to use a real computer...

Read More

[Malwasm] - Offline Debugger for Malware's Reverse Engineering

Today I want to share a new tool that I was testing, its name is "Malwasm", this is a tool based on Cuckoo Sandbox.  Malwasm was designed to help people that do reverse engineering. Malwasm step by step:  The malware to analyse is executed through Cuckoo Sandbox During the execution, malwasm logs all activites of the malware with pintool All activities are stored in a database (Postgres) A web service is available to visualize...

Read More

OWASP Top 10 - XSS

In this post I want to share one of the most popular attacks that are used in web applications, so let's start: "Cross-Site Scripting attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign and trusted web sites. Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws...

Read More

Malware Analysis – Trojan Banker

After we have already prepared our environment for Malware Analysis, let's start practicing with a simple Trojan Banker, this malware was uploaded to VirusTotal for the first time in 2011-08-22 19:18:47 UTC, and maybe you think, this is a really old sample, but if you are a begginer in this area this could be a good option for getting started....

Read More

Getting Started on Malware Analysis

Some of my friends asked me how to get started with Malware Analysis, so in this post I want to share the answer, not only for them but for the rest of the world. Malware Analysis for me is some kind a hobby because I think it is funny, really interesting, a good way to help people to solve their problems and finally to fight against Cybercrime....

Read More