Find malware running from temporary directories using procfs.
Tag: Linux

Finding Masquerading Processes With procfs
Find masquerading processes using procfs.

Using procfs For Forensics and Incident Response
Using procfs For Forensics and Incident Response.

Accessing Alternate Data Streams on VMDK Images on Linux
Accessing Alternate Data Streams on VMDK Images on Linux.

crackmes.one “EZ crackme” Writeup
Writeup for "EZ crackme" on crackmes.one

Volatility on Ubuntu 20.04
Quick and dirty way to get Volatility working on Ubuntu 20.04

Finding Bad With Package Managers
Learn how to use dpkg, rpm, and other related tools to find malware on your systems.

Building a Hardened Shell For Attack/Defend CTF Supremacy
Harden bash shells against pesky red teamers.

Changing apt’s User-Agent string
Quick howto on changing apt/apt-get's User-Agent string.

packet_write_wait: Connection to X.X.X.X port 22: Broken pipe
How to fix packet_write_wait: Connection to X.X.X.X port 22: Broken pipe in VMware Workstation guests.

SLAE #7: Shellcode Crypter for Linux/x86
Introduction
This blog series has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/
Student ID: SLAE-877
To get the code provided in this exercise:
% git clone https://github.com/droberson/SLAE.git
The code will be within the Assignment-7 directory.
RC4
I decided to use the RC4 algorithm due to the fact that …
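The post above names RC4 as the cipher for its shellcode crypter. The following is an added example written for this page, not code from the SLAE series or from the droberson/SLAE repository: a minimal RC4 implementation in C with the crypter side (encrypt a shellcode buffer under a key) and the decrypter side (regenerate the keystream and XOR it back). The eight shellcode bytes are the standard x86 exit(0) sequence used only as a stand-in payload, the key "s3cr3tk3y" is an arbitrary example value, and the known-answer check uses the widely published RC4 vector (key "Key", plaintext "Plaintext").

```c
/* Added example: RC4 shellcode crypter/decrypter in C.
 * Not from the SLAE post or droberson/SLAE; key and payload are constructed. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

struct rc4 { uint8_t S[256]; uint8_t i, j; };

/* Key-scheduling algorithm (KSA): permute S[] under the key bytes. */
static void rc4_init(struct rc4 *ctx, const uint8_t *key, size_t keylen)
{
    for (int k = 0; k < 256; k++) ctx->S[k] = (uint8_t)k;
    uint8_t j = 0;
    for (int k = 0; k < 256; k++) {
        j = (uint8_t)(j + ctx->S[k] + key[k % keylen]);
        uint8_t t = ctx->S[k]; ctx->S[k] = ctx->S[j]; ctx->S[j] = t;
    }
    ctx->i = ctx->j = 0;
}

/* Pseudo-random generation algorithm (PRGA): XOR each byte with the next
 * keystream byte. RC4 is symmetric, so one routine encrypts and decrypts. */
static void rc4_crypt(struct rc4 *ctx, uint8_t *buf, size_t len)
{
    for (size_t n = 0; n < len; n++) {
        ctx->i = (uint8_t)(ctx->i + 1);
        ctx->j = (uint8_t)(ctx->j + ctx->S[ctx->i]);
        uint8_t t = ctx->S[ctx->i]; ctx->S[ctx->i] = ctx->S[ctx->j]; ctx->S[ctx->j] = t;
        buf[n] ^= ctx->S[(uint8_t)(ctx->S[ctx->i] + ctx->S[ctx->j])];
    }
}

/* One-shot helper: transform buf in place under key (encrypt or decrypt). */
void rc4_xor(const uint8_t *key, size_t keylen, uint8_t *buf, size_t len)
{
    struct rc4 ctx;
    rc4_init(&ctx, key, keylen);
    rc4_crypt(&ctx, buf, len);
    memset(&ctx, 0, sizeof ctx);  /* best-effort wipe of the cipher state */
}

/* Known-answer check: key "Key", plaintext "Plaintext" must give
 * BB F3 16 E8 D9 40 AF 0A D3. Returns 1 on match. */
int rc4_kat_ok(void)
{
    uint8_t buf[] = "Plaintext";
    static const uint8_t expect[9] = {0xBB,0xF3,0x16,0xE8,0xD9,0x40,0xAF,0x0A,0xD3};
    rc4_xor((const uint8_t *)"Key", 3, buf, 9);
    return memcmp(buf, expect, 9) == 0;
}

/* Crypter round trip: returns 1 if the ciphertext differs from the
 * plaintext and decrypting it restores the original bytes. */
int rc4_roundtrip_ok(const uint8_t *key, size_t keylen, const uint8_t *pt, size_t len)
{
    uint8_t buf[256];
    if (len > sizeof buf) return 0;
    memcpy(buf, pt, len);
    rc4_xor(key, keylen, buf, len);
    int changed = memcmp(buf, pt, len) != 0;
    rc4_xor(key, keylen, buf, len);
    return changed && memcmp(buf, pt, len) == 0;
}

int main(void)
{
    /* Stand-in payload: x86 exit(0) -> xor eax,eax; mov al,1; xor ebx,ebx; int 0x80 */
    uint8_t shellcode[] = { 0x31, 0xc0, 0xb0, 0x01, 0x31, 0xdb, 0xcd, 0x80 };
    const uint8_t key[] = "s3cr3tk3y";   /* arbitrary example key */
    size_t keylen = sizeof key - 1;

    /* Crypter side: emit the encrypted bytes for embedding in a decrypter stub. */
    rc4_xor(key, keylen, shellcode, sizeof shellcode);
    printf("encrypted: ");
    for (size_t n = 0; n < sizeof shellcode; n++) printf("\\x%02x", shellcode[n]);
    printf("\n");

    /* Decrypter side: same key, same keystream. A real stub would now copy the
     * cleartext into an executable mapping and jump to it; not done here. */
    rc4_xor(key, keylen, shellcode, sizeof shellcode);
    printf("decrypted: ");
    for (size_t n = 0; n < sizeof shellcode; n++) printf("\\x%02x", shellcode[n]);
    printf("\nkat=%d\n", rc4_kat_ok());
    return 0;
}
```

The key necessarily ships inside the decrypter stub, so a crypter of this kind only defeats static signature matching on the payload bytes; it provides no confidentiality against anyone who has the binary, and RC4 itself is no longer considered a secure cipher.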
SLAE #6: Polymorphic Shellcode for Linux/x86
Introduction
This blog series has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/
Student ID: SLAE-877
To get the code provided in this exercise:
% git clone https://github.com/droberson/SLAE.git
The code will be within the Assignment-6 directory.
What is Polymorphic Shellcode?
Quoting the Wikipedia article about Polymorphic Code directly: In …