SQLMap v1.2.11 – Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the […]

Outlaw Hacking Group Using Command Injection Flow To Attack Organizations Network using Botnet via C&C Server

The Outlaw hacking group uses a command injection vulnerability in IoT devices and Linux servers to distribute botnets. The threat actors compromised the FTP servers of a Japanese institution and a Bangladeshi government site. Security researchers from Trend Micro uncovered the hacking operation, named “Outlaw”; the hacker group used compromised servers and linked to availability cluster to host an IRC […]

SQLMap v1.2.10 – Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the […]

Nodexp – A Server Side Javascript Injection Tool

NodeXP is an integrated tool, written in Python 2.7, capable of detecting possible vulnerabilities in Node.js services as well as exploiting them in an automated way, based on the S(erver)S(ide)J(avascript)I(njection) attack. Nodexp Getting Started – Installation & Usage Download NodeXP by cloning the Git repository: git clone https://github.com/esmog/nodexp To get a list of all options run: […]

CoffeeShot: Avoid Detection with Memory Injection

CoffeeShot is an evasion framework that injects payload from Java-based programs into designated processes on Microsoft Windows. It assists blue team members in assessing the effectiveness of their anti-malware measures against malicious software written in Java. Red team members and pen testers can also use CoffeeShot to bypass the target’s security controls. It utilizes JNA […]

New Adwind RAT Attack Linux, Windows and Mac via DDE Code Injection Technique by Evading Antivirus Software

The new Adwind 3.0 RAT (Remote Access Trojan) is evolving with new sophisticated capabilities; unlike the old version, it mainly attacks desktop versions of Linux, Windows and Mac OSX using a DDE code injection technique. Attackers are using weaponized Microsoft Office documents to compromise the targeted victims, along with new capabilities that are able to avoid detection by anti-virus software. This attack […]

SQLMap v1.2.8 – Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the […]

Trickbot Malware Re-emerging via MS Word Documents with Powerful Code-Injection Technique

Trickbot malware, one of the most widely known banking Trojans, is emerging again with sophisticated techniques to target various financial institutions and large banks and steal banking credentials. The current version of Trickbot malware is spreading with a powerful code injection technique to evade detection, an anti-analysis technique, and the ability to disable the security tools that run in […]

BSQLinjector – Blind SQL Injection Exploitation Tool

BSQLinjector is a Blind SQL injection exploitation tool written in Ruby. It uses the blind method to retrieve data from SQL databases. I recommend using the “--test” switch to clearly see what the configured payload looks like before sending it to an application. Options: --file Mandatory – File containing valid HTTP request and SQL injection point (SQLINJECT). (--file=/tmp/req.txt) […]

Sqlmap – Free Tool for SQL Injection Discovery And Exploitation

Sqlmap is an open source tool used to test for SQL injection vulnerabilities within web applications. The tool requires Python 2.6.x and 2.7.x. The tool is capable of database fingerprinting, fetching data from the databases, accessing the database file systems, and running different commands on the target server. The tool can be installed by cloning […]

Commix – The OS Command Injection and Exploitation Tool

Commix is a command injection exploitation tool used for testing command injection vulnerabilities in web applications. Command injection, also known as shell injection, is achieved through vulnerable applications. For the attack to be successful, the application must pass insecure user-supplied data to the system shell. The tool is written in Python. Who can […]

SleuthQL – SQL Injection Discovery Tool

SleuthQL is a python3 script to identify parameters and values that contain SQL-like syntax. Once identified, SleuthQL will then insert SQLMap identifiers (*) into each parameter where the SQL-esque variables were identified. SleuthQL aims to augment an assessor’s ability to discover SQL injection points by automating some of the request analysis required during a web […]

How to safeguard your databases from SQL injections

SQL (Structured Query Language) is a popular programming language for managing data kept in relational databases. However, the databases can be breached when an attacker adds SQL statements that attempt to corrupt, extract, or delete the data held in the databases. With the current rise of SQL injection cases, learning how to protect your […]

New ‘Early Bird’ Code Injection Technique

This injection technique allows the injected code to run before the entry point of the main thread of the process, thereby avoiding detection by anti-malware products’ hooks. Code injection is commonly used by malware to evade detection by injecting malicious code into a legitimate process, information security experts said. This way the legitimate process serves […]

Commix – Automated Command Injection and Exploitation Tool

Commix (short for [comm]and [i]njection e[x]ploiter) is an automated tool that you can use to test web-based applications with a view to finding bugs, errors or vulnerabilities related to command injection attacks. By using this tool, it is very easy to find and exploit a command injection vulnerability in a certain vulnerable parameter or HTTP […]

Linux.ProxyM used to Launch Numerous Hacking Attempts against Websites through Various Methods (SQL injections, XSS, LFI)

Linux.ProxyM malware was well known for infecting almost any Linux device, including routers, set-top boxes, and other equipment. It affects the devices and launches a SOCKS proxy server on an infected device. It has been involved in various activities: in June it was used by cybercriminals to target Raspberry Pi devices for mining cryptocurrency, in September […]

URSNIF TROJAN ADOPTS NEW CODE INJECTION TECHNIQUE

Hackers are testing a new variation of the Ursnif Trojan aimed at Australian bank customers that utilizes novel code injection techniques. Since the summer of 2017, IBM X-Force researchers report that Ursnif (or Gozi) samples have been tested in the wild by a new malware developer. The samples are a noteworthy upgrade from previous versions. “This […]

Ursnif Malware Variant Performs Malicious Process Injection in Memory using TLS Anti-Analysis Evasion Trick

A sophisticated Ursnif malware variant uses a manipulated TLS callback anti-analysis technique while injecting into the child process to change the entry point. TLS (Thread Local Storage) callbacks are used for additional initialization and termination and are provided by the Windows operating system. TLS allows PE files to include malicious TLS callback functions to be executed prior to […]

The Mole – Automatic SQL Injection Exploitation Tool

The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the vulnerability and exploit it, either by using the union technique or a boolean query based technique. It uses a command based interface, allowing the user to indicate the action […]