Category Archives: eBooks

10 Sep

Exploiting the Obvious: Bluetooth Trust Relationships

Introduction Trust is a tricky thing. If you trust the wrong people or the wrong things, you might get into trouble. That is the reason why it is generally a good idea to reconsider one’s trust relationships from time to time, because the assumptions these trust relationships are based on may not be true anymore,

Read More
28 Aug

IRN2 ~ Operation Doos Security Report

Executive Summary: Iranian cyber actors, in the Summer of 2017, compromised a website of Doosan Power Systems India (DPSI) in order to conduct a targeted spearphishing campaign against Saudi Aramco affiliates. DPSI is a subsidiary of Doosan Heavy Industries & Construction, the infrastructure support business of South Korean conglomerate Doosan Group. Doosan Heavy Industries &

Read More
24 Aug

File Upload Restrictions Bypass

Introduction: During penetration testing engagements, You may have seen unrestricted File Upload which can grants you an access to the server to execute malicious codes, however, it’s not that easy to do so in some cases where you have to bypass file upload restrictions and filtrations which can make it a bit challenging to finally

Read More
19 Aug

ATM Penetration

“Hack ATM with an anti-hacking feature and walk away with $1M in 2 minutes” Overview: In general, the subject of our research is ATM security. We will regard an ATM simply as a safe deposit, which is controlled by a computer. Currency is put into boxes, which are loaded into two devices in the safe:

Read More
04 Aug

Find Evil ~ Know Normal [Malware Hunting]

Find Evil – Know Normal Knowing what’s normal on a Windows host helps cut through the noise to quickly locate potential malware. Use the information below as a reference to know what’s normal in Windows and to focus your attention on the outliers.

Read More
03 Aug

Accelerated Windows Malware Analysis with Memory Dumps

Learn how to navigate process, kernel and physical spaces and diagnose various malware patterns in Windows memory dump files. We use a unique and innovative pattern-driven analysis approach to speed up the learning curve. The training consists of practical step-by-step hands-on exercises using WinDbg, process, kernel and complete memory dumps. Covered more than 20 malware

Read More