Wed 04 September 2024
Retrieve C2 from a wild StealC sample using Binary Ninja API.
Tue 03 September 2024
Retrieve C2 from unpacked loader (stage2) of a wild StealC sample and unpack stage 3 all with MIASM.
Mon 02 September 2024
Unpacking the first stage of StealC packed by pkr_ce1a using MIASM
Mon 08 July 2024
This blog post introduces a tool that extracts stolen credentials from text files coming in varying formats in order to address CTI and Red Teaming needs.
Mon 17 June 2024
In this blog post, we will explore a new way of exploiting the vulnerability on PHP, using direct calls to iconv(), and illustrate the vulnerability by targeting Roundcube, a popular PHP webmail.
iconv()
Wed 05 June 2024
Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.
Check our offensive & continuous web security assessment service