/* * This file is part of the Symfony package. * * (c) Fabien Potencier * * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ namespace Symfony\Component\String; if (!\function_exists(u::class)) { function u(?string $string = ''): UnicodeString { return new UnicodeString($string ?? ''); } } if (!\function_exists(b::class)) { function b(?string $string = ''): ByteString { return new ByteString($string ?? ''); } } if (!\function_exists(s::class)) { /** * @return UnicodeString|ByteString */ function s(?string $string = ''): AbstractString { $string = $string ?? ''; return preg_match('//u', $string) ? new UnicodeString($string) : new ByteString($string); } } security – Page 8 – OWASP Jakarta

security

Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: The Intellexa Commercial Spyware Consortium, The Predator Spyware, NSO Group and Bulgaria’s Circles Commercial Spyware Vendor

Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: The Intellexa Commercial Spyware Consortium, The Predator Spyware, NSO Group and Bulgaria’s Circles Commercial Spyware Vendor Dear blog readers, I’ve decided to continue my post on Bulgaria’s Circles commercial spyware vendor which I profiled here in depth which appears to Read more

By adminowasp, ago

Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: Dynamic DNS Service Providers for APT Command and Control (C&C)

Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: Dynamic DNS Service Providers for APT Command and Control (C&C) Dear blog readers, The following is a compilation of dynamic DNS providers in specific ones used by APTs and various other targeted campaign obtained using public sources. Sample dynamic DNS Read more

By adminowasp, ago

Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: An OSINT Profile of U.S Secret Service’s Most Wanted Cybercriminal Danil Potekhin

Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: An OSINT Profile of U.S Secret Service’s Most Wanted Cybercriminal Danil Potekhin In this analysis we’ll take a look at the Internet connected infrastructure of U.S Secret Service’s most wanted cybercriminal with a $10M reward Danil Potekhin using a variety Read more

By adminowasp, ago

Analyse Binaries For Missing Security Features, Information Disclosure And More…

Analyse Binaries For Missing Security Features, Information Disclosure And More…



Analyse binaries for missing security features, information disclosure and more.

Extrude is in the early stages of development, and currently only supports ELF and MachO binaries. PE (Windows) binaries will be supported soon.

Usage

Usage:
extrude [flags] [file]
Flags:
-a, --all               Show details of all tests, not just those which failed.
-w, --fail-on-warning   Exit with a non-zero status even if only warnings are discovered.
-h, --help              help for extrude

Docker

You can optionally run extrude with docker via:

docker run -v `pwd`:/blah -it ghcr.io/liamg/extrude /blah/targetfile

Supported Checks

ELF

  • PIE
  • RELRO
  • BIND NOW
  • Fortified Source
  • Stack Canary
  • NX Stack

MachO

  • PIE
  • Stack Canary
  • NX Stack
  • NX Heap
  • ARC

Windows

Coming soon…

TODO

  • Add support for PE
  • Add secret scanning
  • Detect packers

(more…)

By adminowasp, ago

Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: Spamvertized Github Powershell Malicious Software Executing Campaign Spotted in the Wild

Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: Spamvertized Github Powershell Malicious Software Executing Campaign Spotted in the Wild Dear blog readers, I’ve recently intercepted a currently circulating spamvertised campaign enticing users into interacting with a Powershell script ultimately tricking them into downloading and executing malicious software on Read more

By adminowasp, ago

Emerging Biometric Security Trends: Enhancing Data Protection and Authentication

Emerging Biometric Security Trends: Enhancing Data Protection and Authentication In today’s technologically driven society, safeguarding sensitive data and ensuring secure access are paramount concerns. The exponential growth of digital transactions and interactions has brought the need for robust authentication methods beyond traditional passwords. This article sheds light on the ever-evolving Read more

By adminowasp, ago

Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: Exposing an Indian Police Spyware Cyber Operation

Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: Exposing an Indian Police Spyware Cyber Operation This analysis is based on this Wired.com story. Sample Gmail accounts known to have been involved in the campaign include:jagdish.meshraam@gmail.comdrsnehapatil64@gmail.comsinhamuskaan04@gmail.comjennifergonzales789@gmail.compayalshastri79@gmail.com Sample malicious domains known to have been involved in the campaign:researchplanet.zapto.orgsocialstatistics.zapto.orgduniaenewsportal.ddns.net Sample domain Read more

By adminowasp, ago

Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: Profiling the Gaza Hackers Team

Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: Profiling the Gaza Hackers Team In the following post I’ll profile the Gaza Hackers Team. Sample photos: Primary group’s domains: hxxp://gaza-hacker.comhxxp://hacker.pshxxp://gaza-hacker.nethxxp://gaza-hack.orghxxp://gaza-hack.infohxxp://xhackerx.comhxxp://gaza-hack.comhxxp://gaza-hackers.com Primary group’s email address accounts: moayy2ad@hotmail.comc-e@hotmail.comle0n005061@gmail.com Related domain names registered using the same email address accounts: hxxp://frontat.comhxxp://nswaa.comhxxp://elsahefa.comhxxp://naji-albatta.comhxxp://dr-sohila-edu.comhxxp://samozico.comhxxp://shahidn.comhxxp://spider-rss.comhxxp://sv4media.comhxxp://m3n4.comhxxp://shamaly.comhxxp://g2mz.comhxxp://4as7ab.comhxxp://cfpalestine.comhxxp://q8yh.comhxxp://wac-yamama.orghxxp://rawshna.orghxxp://saawa.comhxxp://4rbshare.comhxxp://lajlek.comhxxp://l7ens.comhxxp://koraw.comhxxp://kwgram.comhxxp://gwafe.comhxxp://q8ey.comhxxp://x23x.comhxxp://kuwaitpwr.comhxxp://kuwaitfn.comhxxp://abovlan.comhxxp://q8pinq.comhxxp://eli4s.comhxxp://7koma.comhxxp://juod.nethxxp://topteamdns.comhxxp://nhla7-uae.comhxxp://3agil.comhxxp://wtnfjr.comhxxp://norislam.nethxxp://universalimporting.comhxxp://gaza-shell.comhxxp://remas3.comhxxp://3dshared.comhxxp://3dm3mare.comhxxp://al-ra3ed.comhxxp://bissan-m.comhxxp://bnimashhor.comhxxp://pure4ever.nethxxp://shaatha.comhxxp://ispal.nethxxp://paldream.nethxxp://islhack.nethxxp://adsyour.nethxxp://bnimashhor.nethxxp://mr-matrix.nethxxp://amtaar-a.orghxxp://darhuda.orghxxp://downiphone.comhxxp://6ayf.orghxxp://jadoptical.comhxxp://yomo-az.comhxxp://bfbcps.comhxxp://glaroo7y.comhxxp://amal-ci.comhxxp://q8gz.comhxxp://dubai-g.comhxxp://3mrrycam.comhxxp://psdmate.comhxxp://njomksa.comhxxp://g-ghram.comhxxp://coctael.comhxxp://alhajere.infohxxp://glaoman.comhxxp://ascdascascasc.comhxxp://m7b4.comhxxp://shrooq.orghxxp://3uz.comhxxp://alhajere.nethxxp://wt2n.comhxxp://sfena.comhxxp://artsformedia.comhxxp://r-alfrsan.comhxxp://arabgmaes.comhxxp://studiomustapha.comhxxp://adamttc.comhxxp://helolhost.comhxxp://soblslam.comhxxp://forexufx.comhxxp://dsfbdfbsdfgbdsf.comhxxp://frsan-aslm.comhxxp://g2z4.comhxxp://ewfdssdcsdxc.comhxxp://sam-sport.nethxxp://fr4wa.comhxxp://sama-a.nethxxp://hayatk.nethxxp://gallerycenter.nethxxp://frfish.nethxxp://q8ey.nethxxp://cfpalestine.nethxxp://m3n4.nethxxp://wt2n.nethxxp://gaza-sporting-club.nethxxp://mo7et.nethxxp://alnkhala.comhxxp://alibel.infohxxp://q8gz.nethxxp://dlo3.nethxxp://butt3rfly.nethxxp://butt3rfly.orghxxp://pnsport.nethxxp://sawasport.nethxxp://echotic.nethxxp://healthclubxl.comhxxp://dancingqueensdk.comhxxp://dancingqueensuk.comhxxp://nadinerandle.comhxxp://hackers.toolshxxp://pinkybarbie.comhxxp://florencemodel.comhxxp://hevreman.co.ilhxxp://radiousnice.comhxxp://gaza-hacker.nethxxp://hacker.pshxxp://gaza-hack.infohxxp://gaza-hack.comhxxp://gaza-hack.orghxxp://gaza-hackers.comhxxp://xhackerx.comhxxp://gaza-hacker.comhxxp://metasploit-unleashed.comhxxp://divuae.comhxxp://xensds.comhxxp://e107arabic.comhxxp://h-asiaa.comhxxp://nsamat.comhxxp://for-pal.comhxxp://althbat.comhxxp://islamdahalan.comhxxp://37ob.comhxxp://hamedwayel.comhxxp://iraq-mawal.comhxxp://waleedalshami.comhxxp://fr27.comhxxp://faloja.ushxxp://stylatna.ushxxp://llo9.comhxxp://g-del3.comhxxp://ye7g.comhxxp://ks4-des.comhxxp://5tmat.comhxxp://3rab-moon.comhxxp://nadauae.comhxxp://ya7yati.comhxxp://hayatl.comhxxp://allsaed.comhxxp://asrarmedia.comhxxp://waw-c.comhxxp://f5f5en.comhxxp://w2tube.comhxxp://decor4me.comhxxp://hemo7.comhxxp://gaz2.comhxxp://for-rama.comhxxp://vic-and-ikes.comhxxp://ochotorena.comhxxp://litodelacruz.comhxxp://ignitemonthly.nethxxp://stylepensacola.comhxxp://litocruzxxx.comhxxp://goldencamelph.comhxxp://pensacolabookkeeping.comhxxp://lito2012.comhxxp://appleanddelucamgmnt.comhxxp://jewellery-lito.comhxxp://cocoaccountingservices.comhxxp://pensacolabookkeepers.comhxxp://elsaedps.comhxxp://cocofastlane.comhxxp://globalenergyalliance.comhxxp://g2z4.nethxxp://pauliteweb.comhxxp://a-1specialized.comhxxp://seeyamortgage.comhxxp://debtpollution.comhxxp://losmoles.comhxxp://jerseycityhomesbroker.comhxxp://woofwashers.comhxxp://ignitemonthly.comhxxp://homs-poets.comhxxp://p23x.comhxxp://perfarab.comhxxp://aya-khaled.comhxxp://3alm-a7lam.comhxxp://walazhar.comhxxp://aleys-training.comhxxp://sh-alnoor.comhxxp://enterdig.comhxxp://nshir.comhxxp://shublaq.comhxxp://nahafat.comhxxp://thwane.comhxxp://bb-all.comhxxp://bagdady.comhxxp://a-lawsc.comhxxp://nsgvoic.comhxxp://adsyour.comhxxp://yarmokg.comhxxp://qlpal.comhxxp://krameesh.nethxxp://nialb.nethxxp://3dmaxonline.nethxxp://hmsaat.nethxxp://psstad.comhxxp://elbukhary.nethxxp://gammashare.comhxxp://sawayouth.comhxxp://sadaalnaseem.comhxxp://pro-fhed.comhxxp://sh-elqloob.orghxxp://gazaf.comhxxp://pro-gsm.comhxxp://ofoqm.comhxxp://ah-ra-hi.comhxxp://almehaan.comhxxp://newgaza.comhxxp://ip-center.nethxxp://starsgifts.comhxxp://althikagroup.comhxxp://ids-ps.comhxxp://alhabeel.comhxxp://expodes.nethxxp://3dm3mare.nethxxp://3arabawinews.nethxxp://perfarab.nethxxp://banat2.nethxxp://facearab.nethxxp://azharpharm.comhxxp://artecasa-ps.comhxxp://snam-s.nethxxp://byaadr.comhxxp://t4video.comhxxp://el-eman.comhxxp://usp4.nethxxp://wtn3wtr.comhxxp://wegaza.comhxxp://itcck.comhxxp://tols.ushxxp://w6na1.comhxxp://crypal.comhxxp://mohamed-assaf.comhxxp://black-awadh.comhxxp://b7ar-n.comhxxp://h-m9mm.comhxxp://almnsour.comhxxp://alfjr-aljdid.comhxxp://gazaday.comhxxp://lbee7.comhxxp://n4days.comhxxp://qudssnaks.comhxxp://alhost24.comhxxp://flscool.comhxxp://goldenws.comhxxp://7zoorah.comhxxp://freedom-ship.comhxxp://djz-iq.comhxxp://fine4host.comhxxp://newsawa.comhxxp://forshark.comhxxp://l-voice.comhxxp://ll9x.comhxxp://m-suae.comhxxp://e3lanz.comhxxp://des4x.comhxxp://rap-elemarat.comhxxp://aljazeera-school.comhxxp://aganyna.comhxxp://2lwya.comhxxp://7bobuae.comhxxp://symbian-masters.comhxxp://xn--ggblabcjfq0cxa9oea1b.comhxxp://sh-qlq.comhxxp://t7wani.comhxxp://mujahedhisham.comhxxp://tr-shyo5y.comhxxp://vbu-host.comhxxp://hwawe.comhxxp://saawaa.comhxxp://rapidleecharab.comhxxp://abdullah-alhamami.comhxxp://tiger-a.comhxxp://rap4uae.comhxxp://l3ynk.comhxxp://roo7ii.comhxxp://mwaal.comhxxp://sona3m1.comhxxp://thegreenplains.comhxxp://pro-fahed.comhxxp://fsoft1.comhxxp://mobd3na.comhxxp://t6wery.comhxxp://xn--mgba9ayde0b.comhxxp://9adam.comhxxp://v4-sec.comhxxp://basheerfam.comhxxp://m-alkawari.comhxxp://lhfh1.comhxxp://alrafh.orghxxp://alfaloja1.orghxxp://sm-eyes.comhxxp://n7l7.comhxxp://janetalanwar.comhxxp://world-pulse.comhxxp://academy-expo.comhxxp://krtas.comhxxp://gaza-lenses.comhxxp://arlams.com Sample IPs Read more

By adminowasp, ago