All Stories

Dynamic win32 malware analysis on Linux

Sometimes we don’t have a Windows machine for analyzing a malware sample. If the sample is very simple and does not interact much with the operating system, we can use Linux.

In reversing, Feb 24, 2019

UART access. Hardware Hacking with Bus Pirate

Bus Pirate is a flexible tool for hardware hacking that enables a universal bus interface that talks to most chips. It supports several protocols:

In hw-hacking, iot-security, Feb 17, 2019

Real-time processing with Python

Sometimes we need to process tons of data, but scaling an application is not easy, above all in Python. That’s why I started researching real-time data processing and I found out A...

In research, devop, Feb 08, 2019

STM32 debugging with ST-Link

In this article I will explain how we can program, debug and dump firmware from STM32 boards. For this, we will need an ST-Link v2 programmer. The first step is to download the datash...

In hw-hacking, iot-security, Jan 30, 2019

Dinoflux

Jose Ramon Palanco holds a Telecommunications Engineering degree from The University of Alcala de Henares in Madrid. Jose Ramon is the founder of Dinoflux, a cybersecurity product spe...

In entrepreneurship, Projects, Jul 01, 2018

Protocol Detector

ProtocolDetector is an open source Python library I developed for Dinoflux. This library aims to provide an easy-to-use mechanism to integrate protocol detection capabilities into you...

In Projects, Sep 09, 2017

Linux dynamic analysis with callgrind

Sometimes I am fond of trying new tools even though I already have a toolkit, just for fun. In this case, I researched the Valgrind suite, in particular callgrind. Callgrind is a pr...

In reversing, Jun 28, 2015

Inside HAVEX

We have analyzed a sample of Havex and from there, we have prepared a report of behavior. Throughout the report you will find all the details of operation we have located from our ana...

In reversing, Jul 24, 2014

CVE-2007-0176: GForge Cross Site Scripting vulnerability

GForge has a security vulnerability that allows Cross-Site Scripting attacks. Due to improper filtering, a remote attacker can exploit a cross-site scripting vulnerability.

In advisories, Jan 10, 2007

CVE-2006-6104: Mono XSP ASP.NET Server sourcecode disclosure

The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to (1) read source code by appending...

In advisories, Dec 21, 2006