Recently I was creating dorks for some products and I came across “Suntech”. …


[part 2]

When it comes to data exfiltration, creativity and thinking outside the box are the most important. To remember: the term “living off the land” (LOL) was coined by malware researchers Christopher Campbell and Matt Greaber to explain the use of trusted, pre-installed system tools to spread malware. There are a…


To evade detection and analysis by security researchers, malware may check whether it is running in a virtualized environment such as a virtual machine in VirtualBox or VMware. …


When working with Tweet data, there are two classes of geographical metadata; you can use the following search to find any media items tagged with a specific GPS location:

  • Tweet location — Available when user shares location at time of Tweet.
  • Account Location — Based on the ‘home’ location provided by…


First, you need to create an account on DigitalOcean; when you create the account, you will receive US$100 in credits to spend:


The term “living off the land” (LOL) was coined by malware researchers Christopher Campbell and Matt Greaber to explain the use of trusted, pre-installed system tools to spread malware. …


While updating my parser for Pastebin, I found a rather interesting PHP webshell and decided to decode it out of curiosity. For this kind of analysis I always recommend using CyberChef, basically a Swiss army knife for things like cryptography, encoding, compression and data analysis, and that will be the only thing that…


The Win32_TemperatureProbe WMI class represents the properties of a temperature sensor (electronic thermometer).

command: wmic /namespace:\\root\WMI path MSAcpi_ThermalZoneTemperature get CurrentTemperature

Most of the information that the Win32_TemperatureProbe WMI class provides comes from SMBIOS. Real-time readings for the CurrentReading property cannot be extracted from SMBIOS tables. For this reason, current implementations of WMI do not populate the CurrentReading…

movq %rax,%rax

reverse engineering and malware tales. LinkedIn: @isdebuggerpresent
