Tor Proxy for Malware Analysis


I don’t know how you work, but I usually work through Tor – and thanks to our friends at the Tor Project for their efforts on anonymity.

But if you research malware through it, there are issues that I learned about by myself, and I am now collecting them in one place for those who are also interested.

My tweet was, as it appears, not 100% clear and created more mess than it cleared up.

So – let’s structure it a bit 🙂


BlackHole Exploit Kit 2.0 – anti-forensics features announced


So, the major news in the malware world today is the release of BlackHole Exploit Kit ver 2.0, announced by Paunch in the morning.

You may read the full text of the advertisement in Russian, with an English translation, at Kafeine’s blog.

Since my part of the interest is the anti-forensics features, let’s see what exactly Paunch’s ad discloses:


Android mobile device & Google Play – security ideas


If you have a mobile device that uses Android, you are surely somewhat familiar with Google Play. If not – visit it at

Android-based mobile devices by default require a Google Play account for updates, software installation, whatever. So you obviously have a Gmail account [your email address, actually] that you use to authenticate here. And the password is saved on your mobile. And it [the mobile device] is always connected to Google Play.

But, as always, there are interesting features that we can exploit :))


Egged WiFi – security review [v. 0.2]


Today’s review results – improvement detected! 🙂 But…


How secure “AMMYY Admin” is – thoughts and results


Another recent review of mine, about the AMMYY Admin software – usually used for quick and easy remote access to a computer.


1. Fast [it is damn fast, indeed]

2. Simple for end user: Click – Run – Spell – Approve.

3. No installation required (possible, but not necessary) + free.

4. Embedded File Explorer to transfer files between computers (both ways)

5. Secure [so they say, at least!] …

Let’s see:


Egged WiFi – Security review


As you may have noticed previously, I am a frequent customer of the free WiFi from Egged\Mako.

Here is a bored person’s look at some minor (or not – who knows) configuration issues during a trip on an Egged bus, when there was a problem with the Internet.


You should see this, if you are a pentester.


Aluc’s talk at 28c3

Actually, the whole talk is a repeating summary. What is important is the structure, which allows you to treat pentesting as a job, not as an art of acting. Plus – the correct way to communicate with a client. Recommended.

Thx Aluc, btw, for the link to Chris Nickerson’s talk last year at BruCON. Missed that one.
