Gazorp - Thieving from thieves

April 29, 2020 - Reading time: 15 minutes

This is a look into the short-lived piece of malware called Gazorp, and how its creators placed a backdoor within its command & control panel. I'll be looking at the code and how the backdoor was created and hidden.

Read more


uAdmin - Show & Tell

March 19, 2020 - Reading time: 13 minutes

In this post I'll be taking a look at Unknown Admin or better known as U-Admin. We'll be taking a look at the code, how it functions, and different use cases for phishing and injects. I'll also be discussing real world instances.

Read more


Nexus - Just another stealer

February 22, 2020 - Reading time: 13 minutes

In today's post I will be analyzing and reversing a new credential stealer that has recently hit the market. I'll be showing it's control flow, how it steals data and the methods it uses to be able to grab information off of its victims.

Read more


Shodan - Treasure Hunting

December 30, 2019 - Reading time: 6 minutes

Today we will be discussing Shodan, a search engine for internet connected devices. I will be giving an overview of the filters you can use and the cool things that can be found with these filters.

Read more


DarkRat - Hacking a malware control panel

December 23, 2019 - Reading time: 11 minutes

In this post I will be showing you how I found vulnerabilities in the control panel of a new piece of malware and how I exploited these to be able to take it over. I will also be giving insight into chaining vulnerabilities.

Read more


TumblerCC - How not to run a scam

December 15, 2019 - Reading time: 5 minutes

This is a story about how I came across a credit card store that turned out to be a complete facade and how I exploited it to find more information about the site and what allowed me to take advantage of these flaws.

Read more