Application Security This Week for March 17

Android malware had almost 150 MILLION Googe Play Store downloads before it is was discovered and pulled.

https://www.theverge.com/2019/3/13/18263739/android-adware-simbad-google-play-store

 

Awesome User Access Control bypass that never saves anything to disk.  As always PLEASE be careful playing with malware.

https://www.activecyber.us/activelabs/windows-uac-bypass

I wrote something similar for FALE a LOOOONG time ago but the ActiveLabs tool is better.

https://github.com/lockfale/DotNetAVBypass-Master

 

It's old home week.  Subdomain brute forcing tool in VISUAL BASIC 6!!  If anyone gets this up and running let me know, I would, but it triggers my PTSD.

https://github.com/visualbasic6/subdomain-bruteforce

 

Thanks to Jim Holmes to tuning me into this list - collected exploits for web attacks.  

https://github.com/swisskyrepo/PayloadsAllTheThings

 

And that's the news!!

Add comment

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList