Today I want to simply share on my diary a great picture of my working day (this picture is a screen capture of a double monitor running a progect in nodejs). This picture represents an amazing security project finally ready to the first public release and … the desire of writing “amazing code”. You will […]
Read more "Managing and Writing"Today I found some notes on my desk abut the last Chaos Computing Club-Congress (CCC) in 2013. Since are pretty funny to me I decided to share them with you. Researchers, as reported to 29C3, were able to collect over 3 Million certificates with their Public Key. So far nothing interesting at all…They were able […]
Read more "When Fun Comes to Crypto"In one of my previous posts I described a way to hack through images. That time I showed how a valid BMP file could be a valid JS file as well, hiding Javascript operations. Today it’s time to describe how this attack work with a more common web file format: .GIF. Ange commented on my […]
Read more "Hacking through image: GIF turn"During the past months I received, throught my blog, requests on what to read during winter Holidays. I decided to publish a little list on some of the books (yes, I wrote “some” and not “all” ) that have been really useful for my carrer which I would totally suggest to everybody interested on such […]
Read more "Good Readings"It’s long time I don’t write on my own blog (more then two months) and if you look at the history bar on your right you will probably figure out I am slowing down my blog posts a bit if compared to the past years. This happens due the amount of work my security team […]
Read more "Hacking through images"Today I’d like to share another “funny BUG” (yep, believe me this is quite funny) through this summer time quick’n dirty post. The involved hunter is Nuzhny (no contacts provided to me, more infos here) who disclosed a Stack Overflow in Windows Calculator last week. You would think: “A BOF in Windows Calc.exe ? You’re […]
Read more "BUG in WinCalc.exe"Plenty of documents are describing how Malwares implement “Escape” techniques in order to evade Malware analysis. I did write posts on several of the most interesting evasion techniques ( available here and here) adding information on my side as well. Today I want to share a personal MAP that I made to correlate evasion techniques […]
Read more "Malware Evasion Chart"Since 2009 when I wrote: “The string Decoding Process” (published by hakin9 magazine) I use crafted tools to automatically decode strings (some of them have been published on this blog). Decoding strings results pretty hard especially nowadays where many encoding algorithms are commonly used over planty “daily life tools”. Understanding what encoding we are facing […]
Read more "Hash Detector Tool"Today another “Hack Note” on my blog to point you out to a great analysis of ZeuS evolutions. I definitely suggest the reading titled “ZeuS-P2P” by Cert Polska because, in my personal opinion, it describes one of the most important evolutions of a “bot kit” happened so far: the distribution of the Command aNd Control […]
Read more "ZeuS Evolution: it’s time for P2P and RSA."Dear folks, as you probably have noticed my blog-post frequence went down a little bit during the past 4 to 6 months, since I am super busy… I am still alive though :). Today I want to share an interesting IDA Pro plugin that I ‘ve been testing for awhile called idapathfinder. Once you installed […]
Read more "Finding path to known functions through IDA-Pro"