Sep 14: Understanding Antivirus Signatures
Signatures are a key part of any antivirus engine. The signatures are typically hashes or byte-streams that are used to determine whether a file or buffer contains a malicious payload. All antivirus engines, since their inception, have used a signature scheme. Although various kinds exist, the signatures are typically small…
Antivirus, 14 min read

Sep 3: Red Teaming — Part 02
External Reconnaissance: If your engagement is not being kicked off via an “assume breach” methodology and you need to gain initial entry into the target network yourselves, some external reconnaissance will be required. …
Red Team, 4 min read

Aug 12: Malware Analysis Series (MAS): Part 3
Code Injection Review: Code injection is a supported operation on Windows systems and, of course, it is quite a useful evasion method due to the fact that malware is able to inject (write) malicious code into a memory region (some people use the term “segment”) of the process itself (self-injection) or a…
Malware Analysis, 11 min read

Aug 5: Red Teaming — Part 01
What is Red Teaming? Red Teaming is the process of using tactics, techniques and procedures (TTPs) to emulate a real-world threat, with the goal of measuring the effectiveness of the people, processes and technologies used to defend an environment. Red teams provide an adversarial perspective by attacking assumptions made by an organization and defenders…
Red Teaming, 9 min read

Feb 14: Malware Analysis Series (MAS): Part 2
Malware analysis goals: No doubt, it’s an interesting point: what are we looking for while analyzing a binary? The question is relevant because there are many possible objectives and aspects to be considered while analyzing malware. …
Malware Analysis, 12 min read

Feb 13: Ethical Hacking vs Penetration Testing: A Comprehensive Guide
In today’s digital world, cybersecurity is a critical concern for organizations of all sizes. The rise of technology has led to an increased dependence on computer systems, networks, and web applications, making it crucial for organizations to assess and improve their security posture. …
Cyber, 3 min read

Jan 11: Malware Analysis Series (MAS): Part 1
Introduction: Welcome to MAS (Malware Analysis Series). Quite frankly, it was quite difficult to stop my research work to write an article in the last year and it would not be possible to write a series of articles, but I think it is possible now and we will try it. …
Malware Analysis, 3 min read

Dec 17, 2022: Cybercrime and its existing laws
Cybercrime is defined as any criminal activity involving the use of computers, networks, or the internet. It can include any number of activities, such as identity theft, fraud, copyright infringement, hacking, and cyber bullying. …
Cybercrime, 4 min read

Dec 17, 2022: Encrypt all the files in a specified directory in Windows
Here is a Python script that you can use to encrypt all the files in a specified directory in Windows: import os import pyAesCrypt # Set the directory that you want to encrypt directory = "C:\\example\\" # Set the password for the encryption password = "password123" # Set the buffer size bufferSize = 64 * 1024 # Encrypt…
Python, 2 min read

Oct 9, 2022: HACKTHEBOX (HTB) WRITEUP: AMBASSADOR [MEDIUM]
SCANNING > TARGET=10.129.51.137 && nmap -p$(nmap -p- --min-rate=1000 -T4 $TARGET -Pn | grep ^[0-9] | cut -d '/' -f 1 | tr '\n' ',' | sed s/,$//) -sC -sV -Pn -vvv $TARGET -oN nmap_tcp_all.nmap PORT STATE SERVICE REASON VERSION 22/tcp…
Htb, 5 min read