Stunix


Exploring Cobalt Strike's ExternalC2 framework

As many testers will know, achieving C2 communication can sometimes be a pain. Whether because of egress firewall rules or process restrictions, the …

Information Security

Intro to basic Disassembly & Reverse Engineering

Greetings! Continuing from my first blog about the journey of reverse engineering, I’d like to make a quick post about the fundamentals of code …

Engineering
Cybersecurity

Stealing CSRF tokens with CSS injection (without iFrames)

A post here details a method for stealing sensitive data with CSS injection by using Attribute Selectors and iFrames. Because this method requires …

Web Development

Malicious File Intelligence: fileintel

This is a tool used to collect various intelligence sources for a given file. Fileintel is written in a modular fashion so new intelligence sources …

Python Programming

Digital Forensics – Artifacts of interactive sessions

In this article I would like to go over some of the digital forensic artifacts that are likely to be useful on your quest to find answers to …

Forensics
Cybersecurity
APIs

Search Engine For Hackers: OSINT SPY

Performs OSINT scan on email/domain/ip_address/organization using OSINT-SPY. It can be used by Data Miners, Infosec Researchers, Penetration Testers …

WSC2

LAST/CURRENT VERSION: 0.1. Author: Arno0x0x - @Arno0x0x. WSC2 is a PoC of using WebSockets and a browser process to serve as a C2 communication …

Lateral Movement Using Outlook’s CreateObject Method and DotNetToJScript

In the past, I have blogged about various methods of lateral movement via the Distributed Component Object Model (DCOM) in Windows. This typically …

Hunting for Koadic – a COM-based rootkit

In this post, we will be examining the core functionality of Koadic – an open source tool created by zerosum0x0. Koadic is a post-exploitation …

Fully undetectable backdooring PE file

Introduction. During a penetration testing engagement you may be required to backdoor a PE file with your own shellcode without increasing the size of the …

RDPY – RDP Security Tool For Hacking Remote Desktop Protocol

RDPY is an RDP Security Tool in Twisted Python with RDP Man in the Middle proxy support which can record sessions and Honeypot functionality. RDPY is …

Information Security

RAT Decoders by kevthehermit

Welcome. This repo will hold a collection of Python scripts that will extract, decode and display the configuration settings from common RATs. Each of …

Python Programming

Windows oneliners to download remote payload and execute arbitrary code

In the wake of the recent buzz and trend in using DDE for executing arbitrary command lines and eventually compromising a system, I asked myself …

Reverse Engineering resources

A curated list of awesome reversing resources. Awesome Reversing: Books • Courses • Practice • Hex Editors • Binary Format • Disassemblers • Binary Analysis • Bytecode …

Forensics

BadRabbit MS17-010 Exploitation Part One: Leak and Control

Overview: On October 23, 2017, CrowdStrike® became aware of a new type of ransomware called BadRabbit. The initial infection occurred via a drive-by …

Cybersecurity

Detect Surveillance Spyware: Detekt

Detekt is a Python tool that relies on Yara to scan the memory of a running Windows system (currently supporting Windows XP to Windows 8.1 both 32 …

Graphical Interface for Powershell Scripts: PoshSec

The PoshSec Framework is a tool that is designed to provide a graphical interface for PowerShell scripts, functions, modules and cmdlets. The PoshSec …

Automated Wireless Penetration Testing: Wi-fEye

Cracking menu: contains attacks that could allow us to crack wifi passwords, whether WEP, WPA or WPA2: Enable monitor mode; View available wireless …

MX Records in Digital Forensics and eDiscovery

When we compose and send an email message, the Mail Transfer Agent (MTA) queries the MX records for each recipient’s domain name. It then tries to …

Forensics

Threat Hunting with Sysmon: Word Document with Macro

As I’ve stated before, Sysmon is a great tool for gaining insight into what’s running in our systems and what changes are occurring in our …

Cybersecurity

The Myth of Automated Hunting in ICS/SCADA Networks - SANS Threat Hunting Summit 2017

Binary Analysis IDE: BinDiff

BinDiff is a comparison tool for binary files that helps to quickly find differences and similarities in disassembled code. It is used by security …

RPISEC: Malware Analysis

This material was developed and used by RPISEC to teach Malware Analysis at Rensselaer Polytechnic Institute in Fall 2015. This was a university …

Stealthy PHP Web Shell Backdoor: Weevely

Weevely is a command line web shell dynamically extended over the network at runtime, used for administration and pen testing of remote web accesses. …