archive
Category: JavaScript

2017/03/15

Something Phishy – 03-15-2017 – (Part 1)

by Destruct_Icon
Categories: Analysis, Coding, JavaScript
Tags: ,
Comments: Leave a Comment

Hurrah! Destruct_Icon back with another Something Phishy. This one today was a feisty little fellah and I’m going to break it up into two parts. Part 1 will consist of the e-mail, 1st stage and some of the 2nd stage while Part 2 will be looking at the 2nd stage, the malware as well as a listing of the indicators.[…]

2016/02/08

Something Phishy – 02-08-2016

by Destruct_Icon
Categories: Analysis, Coding, JavaScript, Network Forensics
Tags: , ,
Comments: 1 Comment

Something Phishy – Return of the Fax! And we’re back with another “Something Phishy” for February. If you ever had a postal receipt sent to your e-mail, some of the behaviors may feel very familiar to you. Apparently I received a fax from incoming@interfax.net. Let’s start by pulling all the information we can out of[…]

2016/01/06

Something Phishy

by Destruct_Icon
Categories: Analysis, Coding, JavaScript
Tags: , , ,
Comments: Leave a Comment

:Something Phishy – Files in Files: Happy new year everyone! This is Destruct_Icon and one of the things I’d like to start doing this year is writing information about some of the phishing e-mails that come in as posts dubbed “Something Phishy”. I have a few e-mail boxes that get hammered by phishing e-mails but this first one[…]

2014/10/13

Deobfuscating JavaScript and Shellcode: Debugging + Dedicated Tools – Part 2/2

Welcome to Part II of a two-part series on JavaScript and shellcode deobfuscation! In our first video, we explored a few different methods to deobfuscate JavaScript. The first session resulted in a deobfuscated HTML page complete with malicious JavaScript. In this session, I cover how the malicious JavaScript works. Additionally, I debug the shellcode that[…]

2014/08/05

Deobfuscating JavaScript and Shellcode: Debugging + Dedicated Tools – Part 1/2

Welcome to Part I of a two-part series on JavaScript and shellcode deobfuscation! In this first video, I explore a few different methods using which one can deobfuscate JavaScript. I cover using a browser-based debugger along with various Windows and Linux tools to decode scripts. We explore deobfuscating JavaScript in a real-world environment using readily-available[…]

2013/10/25

User Input Sanitization – A Triple-Pronged Approach

by 8bits0fbr@in
Categories: Coding, Java, JavaScript, PHP
Tags: No Tags
Comments: 1 Comment

User Input Sanitization User input filtering, a.k.a. input sanitization, is one of the most important concepts within the security realm.  Improper handling of user input can lead to numerous vulnerabilities, including buffer overflows, SQL injection, command injection, format string attacks, etc.  Sadly, developers often overlook the importance of this practice. While this concept extends to[…]


Today is Monday
2017/10/23