Analyzing Pikabot Malicious JavaScript
Introduction I came across Pikabot infection, which utilizes a JavaScript file to download a malicious payload. According to any.run, it leverages Nuj.js as its initial adversarial point. To delve deeper into the analysis, I turned to Malware Traffic Analysis, my preferred site for malware research. After downloading the malware and artifacts zip file, I opened…
Exploring GreyNoise Query Examples
GreyNoise is a powerful search engine that allows users to investigate IP addresses for potential scanning or targeting activities on the internet. Utilizing GreyNoise Query Language (GNQL), users can refine their searches to uncover specific trends and patterns. Below are some interesting query examples that showcase the power of GreyNoise: Attacks on Australia from China…
Alert 1 To Win!
A series of XSS challenges: here’s some unsafe code; exploit it! Shortest code wins.
JWT attacks | Web Security Academy Labs
JWT (JSON Web Token) attacks are commonly employed in authority and authentication scenarios. They are utilized for securely transmitting cryptographically signed JSON data. In this context, all data is stored client-side, considered secure due to cryptographic signing – meaning the server remains unaware of the original JWT. Format JWTs consist of three parts: header, payload,…
Hello world!
Welcome to WordPress. This is your first post. Edit or delete it, then start writing!