Collaborate Disseminate
CVE-2020-27838 describes that Keycloak has an open endpoint where it’s possible to obtain client_secret information, as shown in the example below:
/auth/realms/{realm}/clients-registrations/default/{client_id}
Through other discussions, … Continue reading Analyzing impact of leaked client_secret in Authorization Code Flow in Keycloak (CVE-2020-27838)
I am planning on analysing some malware samples dynamically using a sandbox tool and a target Windows VM. The host (physical machine) runs Ubuntu and in it are the sandbox and target VM.
So far I only analysed benign samples, i.e. normal s… Continue reading How to store malware for analysis?
I am planning on analysing some malware samples dynamically using a sandbox tool and a target Windows VM. The host (physical machine) runs Ubuntu and in it are the sandbox and target VM.
So far I only analysed benign samples, i.e. normal s… Continue reading How to store malware for analysis?
Some security experts say that you shouldn’t trust a computer that has been compromised by an attacker. Now, if an antivirus software detects a malware on a computer, then the malware is already in the computer. Which means that the comput… Continue reading If I shouldn’t trust a compromised computer then what’s the point of an antivirus? [closed]
Many security researchers and analysts execute malware in safe environments to analyse how the malware behaves. This sometimes includes allowing the malware to connect to the network because, for example, some malware only begin its execut… Continue reading How do malware analysts guarantee the safety of other devices during dynamic analysis? [closed]
Based on this question.
Why are there more research papers on Android malware than iOS malware?
Continue reading Why are there more research papers on Android malware than iOS malware?
I see Android malware being mentioned when reading peer reviewed papers about malware detection for smartphones, but iOS is never mentioned.
Even Malwarebytes says:
Historically, iOS has never been completely free of malware, but it has m… Continue reading Why don’t researchers care about iOS malware? [closed]
Spam is everywhere and everyone gets it (especially professors), but I noticed that my personal email does not get much spam. How can I get more?
What are the most common ways of getting spam? Not just by forgetting to unsubscribe from a m… Continue reading How can I get more spam for my honeypot?
There is a lot of malware that can detect whether it is running inside a VM or sandboxed environment and if such environment is detected it can conceal it self and not execute. So why not make everything a VM? Now all systems are safe!
I k… Continue reading If malware does not run in a VM why not make everything a VM?
I was wondering how can I download DarkComet. Please link me a safe website with a download for it. I have looked at DarkComet.net but I am unsure if it is real or not.
Thanks
-Marcus