Application Security This Week for March 17

Android malware had almost 150 MILLION Googe Play Store downloads before it is was discovered and pulled.

https://www.theverge.com/2019/3/13/18263739/android-adware-simbad-google-play-store

 

Awesome User Access Control bypass that never saves anything to disk.  As always PLEASE be careful playing with malware.

https://www.activecyber.us/activelabs/windows-uac-bypass

I wrote something similar for FALE a LOOOONG time ago but the ActiveLabs tool is better.

https://github.com/lockfale/DotNetAVBypass-Master

 

It's old home week.  Subdomain brute forcing tool in VISUAL BASIC 6!!  If anyone gets this up and running let me know, I would, but it triggers my PTSD.

https://github.com/visualbasic6/subdomain-bruteforce

 

Thanks to Jim Holmes to tuning me into this list - collected exploits for web attacks.  

https://github.com/swisskyrepo/PayloadsAllTheThings

 

And that's the news!!

Comments are closed

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList