Subscribe: Entries feed

Last update: 09 October 2022

ALPHA THREAT BLOGS

An exemplary learning community

ADVANCE DEFENSE: PROCESS MONITORING WITH RUBY

Make you own Security Solution, get alert on new process launch. Stay tuned   Today's post can be used by System Admins and fellow friends to detect any suspicious process launch in background. Latest malwares use fileless techniques to infect the system by spawning the system processes from memory region itself. cmd and powershell are two such...

BROWSER PROFILE FORENSICS

This post discuss about how to read the data that your browser stores locally. This data includes cookies, forms, history, boookmarks, etc which can be used to obtain lots of information. In this post we will focus on firefox in Linux platform but the methodology will be same for all. Browsers require their own database and set of data to function....

FINDING MY FILES WITH RUBY

Here i share code i wrote to search my study related material which was spread all over the Hard disk in multiple partitions. So I have all my learning stuff spread in multiple folders, which is nasty when i want to find something. Apart from different folders the stuff is divided in different partitions, so i spent time in finding what i need. I...

SOME WAYS TO DETECT VIRTUAL MACHINE

This post provides an insight on some of the methods ( C code snippets) that can be use to detect either a program is running in a Virtual Machine instance. Source zwclose7 METHOD 1  HKEY HK=0; if(RegOpenKeyEx(HKEY_LOCAL_MACHINE,"HARDWARE\\ACPI\\DSDT\\VBOX__",0,KEY_READ,&HK)==ERROR_SUCCESS) { MessageBox(0,"VirtualBox...

RUBY ONE LINER COLORED THREADED REVERSE SHELL

Develop a unique oneliner colored reverse shell in Ruby Language This is a simple one liner reverse shell with threading and color feature. Every command gets executed in a separate thread which prevents breaking of shell due to error. Also Handles any exception and sends it to attacker side. The commands sent will be shown in color and bold for a...