JJEncode Script Leads to Drive-By | Kahu Security
The use of JJEncode in a drive-by download has been around for a couple of years but has been popping up a lot recently. A couple of readers have asked how to deobfuscate this so here’s a walkthrough with a live script. Here’s an automobile forum that’s been compromised: Viewing the source code, this link kicks off the infection: Then from alnera.eu, you end up getting this strange looking Javascr
Deobfuscating Javascript with Revelo | Kahu Security
I’ve been getting questions about how to use Revelo so this article will be a refresher on how to use it. You can find the tool here and play along if you like. We’ll be using Revelo to deobfuscate a simple script using free online Javascript obfuscators as practice. (I’m not hating on these tools, they are made by smart developers. All we are trying to do is practice our deobfuscation skills.) Be
Converter v0.6 Released | Kahu Security
Thank you to all of you for your feedback, patience, and support! It now has the same functions as Data Converter as described here. In addition, I’ve added a couple more features. To help you understand how to use them, let’s try it out on the latest version of Blackhole. I grabbed a Blackhole landing page link from a favorite site of mine, malc0de.com/database. Be sure you check it out and subsc
Revelo v0.4 | Kahu Security
I’m trying out some new methods to improve Revelo. This version now includes the following: – Added ability to choose the direction of the replacement (e.g. top-down or bottom-up). This might be important if a key value is up at the top and Revelo keeps replacing the one at the bottom. – Added ability to choose action method (e.g. textarea, document.write, or alert). I modified the other choices a
Revelo Update | Kahu Security
Thank you all for your support and feedback with the release of Revelo (finally, I know)! I wrote this program and tested it in Windows XP since I heavily use that in my VMs for analysis. For several of you, you are getting an error message when trying to run it in Vista or 7. My apologies! It was hard enough to write this let alone make it work on all platforms. 🙂 In this update, I removed an ou
Revelo – Javascript Deobfuscator | Kahu Security
I mentioned a new tool I’ve been developing to help with Javascript deobfuscation months ago. I’ve been working on it off and on but it’s taking me awhile. There’s still more to do but I think it’s ready for a public release. Consider this tool experimental! The purpose of this program is to assist the user in analyzing obfuscated Javascript code, particularly those that redirect the browser to ma
JavaScriptをもっと上達したい人へのヒント(JavaScript おれおれ Advent Calendar 2011 – 24日目) | Ginpen.com
JavaScript おれおれ Advent Calendar 2011 – 24日目(最終日) JavaScriptを書くプログラマーさんでも、JavaScriptも書くデザイナーさんでも。 僕なんかがおこがましいとは思うんですが。 いっぱい書く とにかく書く事です。何でもいいです。作りたいものがあれば作ってもいいし、面白そうなものを見かけたら真似してみましょう。 ライブラリーやフレームワークは躊躇なく使う 簡単に書けるならそれに越した事はありません。どんどん使いましょう。そもそも便利なライブラリーを習得する事だって大切です。 分かりやすいと最近評判の本ですね。プログラミングの知識が全く無い状態の読者を想定しているそうです。 「Webデザイナーのための jQuery入門」という本を書きました – Takazudo hamalog で、私が書いた本の話に戻りますが、「Webデザイナーのため
SANS - Internet Storm Center - Cooperative Cyber Threat Monitor And Alert System
Published: 2024-04-04 Last Updated: 2024-04-04 17:53:02 UTC by John Moutos (Version: 1) [This is a guest diary by John Moutos] Intro Ever since the LockBit source code leak back in mid-June 2022 [1], it is not surprising that newer ransomware groups have chosen to adopt a large amount of the LockBit code base into their own, given the success and efficiency that LockBit is notorious for. One of th
New Phishing Research: 5 Most Dangerous Email Subjects, Top 10 Hosting Countries - Security Labs
Forgot your password? Customers - Reset your password here. Partners - Reset your password using the Partner Portal. Are you a current Forcepoint partner or customer? Create Partner Account | Create Customer Account Get these benefits when you log into Forcepoint support: A personalized support experience for the products and versions you own. Access to thousands of Knowledge Base articles which a
Deobfuscate Javascript Using MS Tools | Kahu Security
Several readers sent me email asking how to decipher Javascript code without doing it manually. There are actually several tools out there that can help you. Malzilla, SpiderMonkey, and Rhino seem to be the most popular. But I found that there are some tools from Microsoft that can get at the deobfuscated code without breaking a sweat! Let’s have a look at a couple of little-known tools that you c
1
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Naked Security – Sophos News
Converter Update | Kahu Security
Ondailybasis.com
The crusaders' note : Suspected JS/RunForrestRun aka PseudoRandom's NEW bad actor scheme is on going..
Playing Hide and Seek with Malicious Scripts | Kahu Security
JS Obfuscation Using UserAgent String | Kahu Security
Revelo v0.3 Released | Kahu Security
SANS - Internet Storm Center - Cooperative Cyber Threat Monitor And Alert System
Blogs
SANS - Internet Storm Center - Cooperative Cyber Threat Monitor And Alert System