Blog posts
Ambionics / Web Exploitation

Jupiter X Core Plugin <= 4.7.5 Authentication Bypass (CVE-2024-7781)

Thu 26 September 2024

An authentication bypass vulnerability was found on Jupiter X Core Plugin <= 4.7.5 (CVE-2024-7781).

Read more
Ambionics / Web Exploitation

Jupiter X Core Plugin <= 4.6.5 Remote Code Execution (CVE-2024-7772)

Thu 26 September 2024

A pre-authentication remote code execution vulnerability was found on Jupiter X Core Plugin <= 4.6.5 (CVE-2024-7772).

Read more
Malware Analysis

StealC Malware Analysis Part 3

Wed 04 September 2024

Retrieve C2 from a wild StealC sample using Binary Ninja API.

Read more
Malware Analysis

StealC Malware Analysis Part 2

Tue 03 September 2024

Retrieve C2 from unpacked loader (stage2) of a wild StealC sample and unpack stage 3 all with MIASM.

Read more
Malware Analysis

StealC Malware Analysis Part 1

Mon 02 September 2024

Unpacking the first stage of StealC packed by pkr_ce1a using MIASM

Read more
CTI

Writing a stealer logs parser

Mon 08 July 2024

This blog post introduces a tool that extracts stolen credentials from text files coming in varying formats in order to address CTI and Red Teaming needs.

Read more