Tool & attrib command to remove shortcut virus
If you are having a duplicated files problem or are not able to read the files inside your thumb drive because of viruses, follow the steps below. Perhaps this solution works for you. Step 1: Click on...
Smooth-Sec 64bit edition is out
Smooth-Sec is a ready-to-go IDS/IPS (Intrusion Detection/Prevention System) Linux distribution based on the multi-threaded Suricata IDS/IPS engine and Snorby, the top-notch web application for...
Capturing Malware with Honeypot on Unifi Network
After almost 1 day of operation monitoring my Unifi network, I would like to share some statistics and information on my malware honeypot. What is Unifi: Unifi is a high speed broadband service...
Cyber Espionage (Georbot Botnet)
In March 2011, CERT-Georgia, which is the governmental “Computer Emergency Response Team” of the Republic of Georgia, discovered a cyber attack incident, which seems to be...
Malaysia Botnet Drones and Malware Infection (2011 vs 2012)
This is a comparison report of the “Malaysia Botnet Drones and Malware Infection” count by unique IP from the Malaysian Computer Emergency Response Team from 2011 to 2012. Malaysia Botnet Drones and Malware...
SSH Honeypotting – Bad guy in action.
An SSH server allows remote control of and access to the system. In this article, I would like to present my analysis of the captured files and activities of the attacker, who was trapped in our SSH honeypot. In...
Scapy – Easy way to scan available IPs in LAN using ARP reply.
To perform an ARP ping scan, use this command in Scapy. >>> ans,unans=srp(Ether(dst="ff:ff:ff:ff:ff:ff")/ARP(pdst="192.168.0.0/24"),timeout=2) Begin emission: ………….*………………Finished to send 256...
Mandiant APT1 – Exposing One of China’s Cyber Espionage Units
“China’s economic espionage has reached an intolerable level and I believe that the United States and our allies in Europe and Asia have an obligation to confront Beijing and demand that they put a...
MCMC investigates The Malaysian Insider for spyware reports.
The Malaysian Communications and Multimedia Commission (MCMC) is investigating the news report issued by local online news portal, The Malaysian Insider, at around 3:00 pm yesterday with the headline...
Flood script in my SSH honey-potting.
Simple yet functioning flood script. I found this script yesterday inside my SSH honey-potting server #!/usr/bin/perl use Socket; $ARGC=@ARGV; if ($ARGC !=3) { printf "$0 \n"; printf "for any info...
UFONET – Open Redirect DDoS tool
UFONet is an open redirect DDoS tool designed to launch attacks against a target, using insecure redirects in third party web applications, like a botnet. Obviously, only for testing purposes. UFONet...
PowerShell – To find date of creation
I wrote this script last year while I was doing threat hunting, and since my team keeps asking for it, I hope this is also beneficial to everyone that is looking for this answer. What it does basically...