Category Archives: Security

Book Review: PoC||GTFO

Yes, I’m back to blogging and doing a book review. I guess better late than never 🙂 This time I’m reviewing the holy hacker book: International Journal of Proof-of-Concept or Get The Fuck Out (PoC||GTFO, ISBN-13: 978-1-59327-880-9). The book sums … Continue reading

Posted in Books, Pentest, Privacy, Security, Technology | Tagged , , , , , | 2 Comments

Mirai DDoS Botnet: Source Code & Binary Analysis

Mirai is a DDoS botnet that has gained a lot of media attraction lately due to high impact attacks such as on journalist Brian Krebs and also for one of the biggest DDoS attacks on Internet against ISP Dyn, cutting … Continue reading

Posted in Privacy, Security, Technology | Tagged , , , , , , | Leave a comment

Fristileaks 1.3 CTF Writeup

This vulnerable VM is a fun and simple CTF that can be downloaded from the awesome portal VulnHub. Note: For vmware you may need to set the MAC address to 08:00:27:A5:A6:76 to get it working. I did, see Fig 1. … Continue reading

Posted in Pentest, Security, Technology | Tagged , , , , , | Leave a comment

Equation APT analysis using Security Data Science platform: BinSecSweeper

As many readers already know, at VULNEX we have been working on our BinSecSweeper project whose development began in 2013 thanks to an award by US DARPA within its pilot program Cyber Fast Track (CFT) and we were the only … Continue reading

Posted in Privacy, Security, Technology | Tagged , , , , , , , | Leave a comment

A Security Breach Can Hurt You, More Than You Think!

Week after week we read about security breaches in top websites around the world, where millions of user’s data are exposed and the company not even reply with an apology. Until now nobody in management (your typical C-level) assumed any … Continue reading

Posted in Security, Technology | Tagged , , , | Leave a comment

Race to 0day in Nation State Operating Systems

Operating System change is coming… We all know that Windows still dominates the desktop arena with Linux and MacOS trying to catch up and that Android dominates the mobile space with iOS and Windows Phone trying to catch up as … Continue reading

Posted in Privacy, Security, Technology | Tagged , , , , | Leave a comment

Cyber Intelligence Universe

In recent years all “cyber” is fashionable, and intelligence applied to the cyber world could not be less! The concept of intelligence has an offensive meaning due to the use by intelligence and military agencies, but now too many security … Continue reading

Posted in Pentest, Security, Technology, Threat Modeling | Tagged , , , , | Leave a comment

Theoretical attacks on a Sex Robot: Roxxxy

The True Companion company markets for the last few years the first robot to have sex with: Roxxxy. Unfortunately it is not possible to find too much information about the technical features of the robot on the company website, but … Continue reading

Posted in Security, Technology, Uncategorized | Tagged , , | 2 Comments

Heartbleed: pain, blood and code

All alarms went off last week when a serious security flaw called Heartbleed in the OpenSSL cryptographic library was published. This library is used by a large part of the servers on the Internet as well as much security software. … Continue reading

Posted in Pentest, Security, Technology | Tagged , , , | Leave a comment

The need to evolve defensive security to offensive security

This morning I saw a job offer from Facebook looking for offensive security engineers and I thought it would be a wonderful opportunity to explore this idea and its application in corporate security. Traditionally information security in enterprises has a … Continue reading

Posted in Pentest, Security | Tagged , , , | 2 Comments