Over the past few days I have been playing with nmap and other tools to gather information through the Tor network. I wanted to share my experience with it, and the configuration that I am currently using. I hope you can find some useful tips or ideas here.
Showing posts with label protocol. Show all posts
Saturday, November 11, 2017
Saturday, July 8, 2017
Analysis of new variant of Konni RAT
Recently TalosIntelligence commented on a new variant of Konni RAT. It is not a complicated piece of malware, but it implements some interesting tricks and functionality typical of RATs. I wanted to take a look at something different (there is more life after ransomware), and in this post you can find a brief analysis of this RAT. I hope you enjoy it.
Tuesday, March 10, 2015
Getting CryptoWall and CryptoDefense working without C&C
It's common to find malware samples that need their C&C to work. This is the case with the CryptoWall and CryptoDefense ransomware families. If you need to debug samples of these families, you will usually find the C&C down, so the ransomware won't work and won't encrypt files. It will only try to connect to the C&C continuously.
In this article I'm going to describe a way to create a fake C&C for the CryptoWall and CryptoDefense families, and how to get samples of these families working in a VMware virtual machine, for example.