Meet the GoldenJackal APT group. Don’t expect any howls

GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a specific toolset of .NET malware, JackalControl, JackalWorm, JackalSteal, JackalPerInfo and JackalScreenWatcher. Continue reading Meet the GoldenJackal APT group. Don’t expect any howls

.NET Upgrade Assistant Now Helps Developers Move Off of Xamarin, UWP

Microsoft announced that its .NET Upgrade Assistant extension for Visual Studio now supports migrating apps from some legacy frameworks to newer, more modern frameworks.
The post .NET Upgrade Assistant Now Helps Developers Move Off of Xamarin, UWP appe… Continue reading .NET Upgrade Assistant Now Helps Developers Move Off of Xamarin, UWP

Uploading webshell in ASP.net application using directory-traversal and file-upload vulnerability

On my target site, I found two vulnerabilities, unrestricted file upload(to any directory) and directory traversal. I have two end points :
1- site.com/fileUp : uploads file
{
—-Request Parameters—
file_data=<file>
file_name=123…. Continue reading Uploading webshell in ASP.net application using directory-traversal and file-upload vulnerability