CATEGORIES
Malware
Gold Pickaxe iOS Technical Analysis: IPA Overview and C2 Communication Start up
In February 2024 Group-IB wrote a blog post about a mobile Trojan developed by a Chinese-speaking cybercrime group ...
Atomic macOS Stealer (AMOS) Analysis
Hello everybody, this is my first macOS malware analysis. I took a sample from malwarebazaar and tried to reverse it,...
Rustware Part 3: Dynamic API resolution (Windows)
In the previous blog post we have seen how to perform a shellcode process injection by finding a target process PID u...
Rustware Part 2: Process Enumeration Development (Windows)
In the previous blog post we have seen how to develop a Shellcode Process Injection in Rust; the described Process In...
Rustware Part 1: Shellcode Process Injection Development (Windows)
Malware development is essential when performing activities like Red Teaming, Adversary Emulation and Network Penetra...
QAKBOT BB Configuration and C2 IPs List
On September 30, 2022 a friend of mine received a phishing email pretending to be sent by one of his customers, the e...
Emotet Malicious Excel Analysis
Some time ago a friend of mine sent me a suspicious email containing a zip file with an xls; at the time I didn't focus ...
CTF
Metasploitable3 CTF Writeup
Hello, my dear friend R3d and I participated in the Rapid7 Metasploitable 3 CTF as team 16667.
Kioptrix: Level 1.1 (#2) Writeup
Hello all.
Lamp Security CTF7 Writeup
Hello everyone, LAMP Security CTF7 was created by Mad Irish. You can find it on Vulnhub or on root-me.
Mr-Robot: 1 Writeup
Hello Friend, this is my writeup for the CTF Mr-Robot 1.
Lamp Security CTF5 Writeup
LAMP security CTF5 is a funny and easy CTF with a lot of vulnerabilities. You can find info about it on Vulnhub.com.
Lamp Security CTF4 Writeup
Hi everyone. This is my solution for LAMP security CTF4. This CTF is very easy, you can download it from Vulnhub.com ...
HackTheBox
Cascade Writeup
Let’s start by enumerating all the services on the machine with a TCP scan:
Resolute Writeup
I had some problems last week and couldn't publish this writeup I wrote in December; let's start by enumerating a...
Safe Writeup
Let's run a full TCP scan with NMAP in order to enumerate all the available TCP services:
Nineveh Writeup
Let's start with NMAP:
Beep Writeup
Hello, this is my first writeup for the Hack The Box platform; the machine was Beep.
iOS
Gold Pickaxe iOS Technical Analysis: IPA Overview and C2 Communication Start up
In February 2024 Group-IB wrote a blog post about a mobile Trojan developed by a Chinese-speaking cybercrime group ...
DVIA v2 iOS URL Runtime Manipulation with Frida
After my previous blog posts about DVIA v2 Anti-Debug and Frida with Swift, some guys asked me about the URL Runtime ...
iOS Strings Obfuscation in Swift
Usually when reversing an iOS Application, it’s common to see methods and strings that can help an attacker to figure...
iOS Swift Anti-Jailbreak Bypass with Frida
Frida is a dynamic binary instrumentation framework that has been around for a while. In a nutshell, Frida allows rev...
DVIA v2 iOS Anti-Debugging Bypass with LLDB
This is my solution to bypass anti-debugging checks on Damn Vulnerable iOS Application v2.
Rustware
Rustware Part 3: Dynamic API resolution (Windows)
In the previous blog post we have seen how to perform a shellcode process injection by finding a target process PID u...
Rustware Part 2: Process Enumeration Development (Windows)
In the previous blog post we have seen how to develop a Shellcode Process Injection in Rust; the described Process In...
Rustware Part 1: Shellcode Process Injection Development (Windows)
Malware development is essential when performing activities like Red Teaming, Adversary Emulation and Network Penetra...
Windows
Rustware Part 3: Dynamic API resolution (Windows)
In the previous blog post we have seen how to perform a shellcode process injection by finding a target process PID u...
Rustware Part 2: Process Enumeration Development (Windows)
In the previous blog post we have seen how to develop a Shellcode Process Injection in Rust; the described Process In...
Rustware Part 1: Shellcode Process Injection Development (Windows)
Malware development is essential when performing activities like Red Teaming, Adversary Emulation and Network Penetra...
macOS
CVE-2024-34456: Trend Micro Antivirus One Dylib Injection
During a red teaming activity, we gained access to a company MacBook; the Trend Micro Antivirus One software was runn...
Atomic macOS Stealer (AMOS) Analysis
Hello everybody, this is my first macOS malware analysis. I took a sample from malwarebazaar and tried to reverse it,...