Deobfuscation Malicious Javascript Codes
I want to deobfuscate malicious code where they are embedded in the URL. I have these URLs downloaded from here, where the URLs are embedded with malicious JavaScript.
Category Archives: obfuscation
Mac-Focused Malvertising Campaign Abuses Google Firebase DBs
Researchers said 1 million user sessions could have been exposed to the campaign, which downloads the Shlayer trojan. Continue reading Mac-Focused Malvertising Campaign Abuses Google Firebase DBs
More on Dnsden[.]biz Swipers and Radix Obfuscation
After recent publication of the Uncommon Radixes Used in Malware Obfuscation article, we found an interesting Twitter thread involving @EKFiddle and @Ledtech3
#EKFiddle [Regex update]: Added Radix Web Skimmer identified by @unmaskparasites (https://t…. Continue reading More on Dnsden[.]biz Swipers and Radix Obfuscation
How do I assess the difficulty of brute-forcing combinations of some public information?
I’m designing a piece of software whose information will be public, but I’m wondering how resistant this information might be to external analysis, without using any specific security mechanisms to protect the information.
Uncommon Radixes Used in Malware Obfuscation
Some JavaScript features allow for pretty interesting obfuscation techniques. For example, did you know that virtually any English word can be used as a valid number?
I recently decoded a credit card stealing script injected at the bottom of a js/vari… Continue reading Uncommon Radixes Used in Malware Obfuscation
What string encoding options are there besides xor?
When attempting to obfuscate strings in a modern program, xor is probably the most common option. By this I mean running each char of a string through a function which xors the char with some given number. This is popular bec… Continue reading What string encoding options are there besides xor?
How to test for Android app reverse engineering vulnerability
I’m an Android developer who knows how to work with Android SDK and Android studio as an IDE. I am familiar with Proguard and Dexguard tools related to obfuscation of code.
My Case:
I’ve developed an application that has… Continue reading How to test for Android app reverse engineering vulnerability
A predatory tale: Who’s afraid of the thief?
Predator is a data stealer developed by Russian-speaking individuals. It’s being sold cheaply on Russian forums and has been detected many times in the wild. Continue reading A predatory tale: Who’s afraid of the thief?
Necurs Botnet Evolves to Hide in the Shadows, with New Payloads
Using an on-again, off-again strategy of C2 communication helps it hide from researchers. Continue reading Necurs Botnet Evolves to Hide in the Shadows, with New Payloads