Binary Ninja Plugin: fix-stomped-imports
Recently, in response to a customer incident, we needed to reverse engineer a malware sample of WhiteRabbit ransomware that proved to be trickier than expected. As we'll see, this sample maps a PE [...]
When it comes to covert entry assessments, successfully capturing RFID badge values can mean the difference between failure and successful entry to a target site. In a previous Labs post, “I Don’t Need [...]
When a binary is reverse engineered using Ghidra, various annotations are applied to aid in understanding the binary's behaviour. These annotations come in the form of comments, renamed functions, variables, arguments and more. [...]
LLMs are becoming increasingly accessible to everyone. It is very easy to create your own LLM system; however, as with any new technology, they are challenging to secure. Many AI systems are vulnerable [...]
Qiling is an emulation framework that builds upon the Unicorn emulator by providing higher level functionality such as support for dynamic library loading, syscall interception and more. In this Labs post, we are [...]
The Cisco C195 is a Cisco Email Security Appliance device. Its role is to act as an SMTP gateway on your network perimeter. This device (and the full range of appliance devices) is [...]
Artificial Intelligence (AI) has been making significant strides in recent years, with advancements in machine learning and deep learning techniques. However, as AI systems become more complex and powerful, ensuring their safety becomes [...]
This article provides a technical analysis of CVE-2024-31497, a vulnerability in PuTTY discovered by Fabian Bäumer and Marcus Brinkmann of the Ruhr University Bochum. PuTTY, a popular Windows SSH client, contains a flaw [...]
Today, we are releasing a new tool called SharpConflux, a .NET application built to facilitate Confluence exploration. It allows Red Team operators to easily investigate Confluence instances with the goal of finding credential [...]
CVE-2024-25153, a critical Unsafe File Upload and Directory Traversal vulnerability in Fortra FileCatalyst, allows a remote unauthenticated attacker to gain Remote Code Execution (RCE) on the web server. This affects Fortra FileCatalyst Workflow [...]