StealC Malware Analysis Part 3
Thu 03 October 2024
Retrieve C2 from a wild StealC sample using Binary Ninja API.
StealC Malware Analysis Part 2
Retrieve C2 from unpacked loader (stage2) of a wild StealC sample and unpack stage 3 all with MIASM.
StealC Malware Analysis Part 1
Unpacking the first stage of StealC packed by pkr_ce1a using MIASM
Jupiter X Core Plugin <= 4.7.5 Authentication Bypass (CVE-2024-7781)
Thu 26 September 2024
An authentication bypass vulnerability was found in Jupiter X Core Plugin <= 4.7.5 (CVE-2024-7781).
Jupiter X Core Plugin <= 4.6.5 Remote Code Execution (CVE-2024-7772)
A pre-authentication remote code execution vulnerability was found in Jupiter X Core Plugin <= 4.6.5 (CVE-2024-7772).
Writing a stealer logs parser
Mon 08 July 2024
This blog post introduces a tool that extracts stolen credentials from text files coming in varying formats in order to address CTI and Red Teaming needs.
XORtigate: Pre-authentication Remote Code Execution on Fortigate VPN (CVE-2023-27997)
Wed 14 June 2023
A pre-authentication remote code execution vulnerability on Fortigate SSL VPN was discovered by Lexfo (CVE-2023-27997).
CVE-2023-27997 - Forensics short notice for XORtigate
Tue 13 June 2023
Some feedback on what we observed in forensics with the pre-auth RCE on Fortigate VPN (CVE-2023-27997) in our test environment.