sempersecurus.blogspot.com

Andre' M. DiMino -SemperSecurus

December 30, 2013. Another look at a cross-platform DDoS botnet. I learned from a recent Malware Must Die post about a Linux malware sample that is associated with DNS amplification attacks. As mentioned in the MMD post, several researchers have posted on this, or similar malware. Since I'm particularly interested in Linux malware, especially if it has a DDoS component, I thought I'd also take a look. The malware was downloaded from hxxp://198.2[.]192.204:22/disknyp. The C2 is located at . It's inte...

http://sempersecurus.blogspot.com/

TRAFFIC RANK FOR SEMPERSECURUS.BLOGSPOT.COM

Today's rating: >1,000,000
Best month (average per month): July
Highest traffic on (average per day of the week): Saturday

CUSTOMER REVIEWS

Average Rating: 3.1 out of 5 with 8 reviews
5 star: 1
4 star: 3
3 star: 2
2 star: 0
1 star: 2


LOAD TIME: 0.2 seconds

CONTENT SCORE: 6.2

PAGE TITLE: Andre' M. DiMino -SemperSecurus | sempersecurus.blogspot.com Reviews
META KEYWORDS: volatility, linux pslist, the disknyp process, linux proc maps, directory, linux yarascan, final thoughts, posted by, no comments, plugin
KEYWORDS ON PAGE: volatility, linux pslist, the disknyp process, linux proc maps, directory, linux yarascan, final thoughts, posted by, no comments, plugin, linux pslist output, linux psaux output, linux pidhashtable output, linux netstat output, here, 8 comments, analyzing malware, values
SERVER: GSE
CONTENT-TYPE: utf-8

INTERNAL PAGES

1

Andre' M. DiMino -SemperSecurus: Decoding malware SSL using Burp proxy

http://sempersecurus.blogspot.com/2011/12/decoding-malware-ssl-using-burp-proxy.html

December 12, 2011. Decoding malware SSL using Burp proxy. When performing dynamic analysis of malware, you will occasionally encounter SSL being utilized for network communication, thus preventing you from analyzing the content. Typically Wireshark is utilized to examine network traffic at the packet level. Wireshark has an SSL dissector that allows for the decryption of SSL traffic if you provide the decryption keys. This technique is described in detail on the Wireshark wiki. Burp also allows you to e...

2

Andre' M. DiMino -SemperSecurus: July 2012

http://sempersecurus.blogspot.com/2012_07_01_archive.html

July 31, 2012. Sharing of Forensically Interesting Objects. As I go through various forensic cases and malware studies, I often find myself producing memory dumps of the host systems under examination. I also dump registry hives and other objects related to my analysis. I gave some thought as to whether there would be a benefit to the community in my sharing of these objects. A few months back, I had a nice email exchange with Harlan Carvey of the Windows Incident Response. I'll rely on the community to...

3

Andre' M. DiMino -SemperSecurus: December 2011

http://sempersecurus.blogspot.com/2011_12_01_archive.html

December 12, 2011. Decoding malware SSL using Burp proxy. When performing dynamic analysis of malware, you will occasionally encounter SSL being utilized for network communication, thus preventing you from analyzing the content. Typically Wireshark is utilized to examine network traffic at the packet level. Wireshark has an SSL dissector that allows for the decryption of SSL traffic if you provide the decryption keys. This technique is described in detail on the Wireshark wiki. Burp also allows you to e...

4

Andre' M. DiMino -SemperSecurus: December 2013

http://sempersecurus.blogspot.com/2013_12_01_archive.html

December 30, 2013. Another look at a cross-platform DDoS botnet. I learned from a recent Malware Must Die post about a Linux malware sample that is associated with DNS amplification attacks. As mentioned in the MMD post, several researchers have posted on this, or similar malware. Since I'm particularly interested in Linux malware, especially if it has a DDoS component, I thought I'd also take a look. The malware was downloaded from hxxp://198.2[.]192.204:22/disknyp. The C2 is located at . It's inte...

5

Andre' M. DiMino -SemperSecurus: Another look at a cross-platform DDoS botnet

http://sempersecurus.blogspot.com/2013/12/another-look-at-cross-platform-ddos.html

December 30, 2013. Another look at a cross-platform DDoS botnet. I learned from a recent Malware Must Die post about a Linux malware sample that is associated with DNS amplification attacks. As mentioned in the MMD post, several researchers have posted on this, or similar malware. Since I'm particularly interested in Linux malware, especially if it has a DDoS component, I thought I'd also take a look. The malware was downloaded from hxxp://198.2[.]192.204:22/disknyp. The C2 is located at. It's int...

TOTAL PAGES IN THIS WEBSITE

14

LINKS TO THIS WEBSITE

antoxar.blogspot.com antoxar.blogspot.com

Details are still coming in: Detecting abnormal executable files using binary code mining

http://antoxar.blogspot.com/2013/02/detecting-abnormal-executable-les-using.html

Details are still coming in. IDA, windbg tips. CTF tasks and so on. Thursday, February 7, 2013. Detecting abnormal executable files using binary code mining. Rechkov. Lomonosov Report. PS Please don't be shy to add comments and ideas! Subscribe to: Post Comments (Atom). Detecting abnormal executable files using binary co. Exploring and exploiting Lenovo firmware secrets. What does this command? Black box and fault injection at Black Hat Trainings. VNSECURITY TEAM (Vietnam Internet Security Research Team).

antoxar.blogspot.com antoxar.blogspot.com

Details are still coming in: April 2011

http://antoxar.blogspot.com/2011_04_01_archive.html

Details are still coming in. IDA, windbg tips. CTF tasks and so on. Tuesday, April 12, 2011. IDAPython and CTF Task. A few months ago I read the post “IDA Python = Love” in “Hacker” journal and was pissed off, because it is a translation from HexBlog and didn't tell about another cool IDAPython feature – Appcall, which appeared in IDA 5.6. Here is the user guide. Appcall is a mechanism used to call functions inside the debugged program from the debugger or your script as if it were a built-in function. If you have a He...

blog.0day.jp blog.0day.jp

0day.jp (Zero Day.JP): "Linux/AES.DDoS" MIPS/ARM router malware infection attack

http://blog.0day.jp/2015/07/linuxaesddosarm.html

Blog of { threat exploit malware vulnerability } research for Japan security. Friday, July 03, 2015. "Linux/AES.DDoS" MIPS/ARM router malware infection attack. Ip": "61.160.213.58", "SOA": " nmc1.ptt.js.cn. postmaster.nmc1.ptt.js.cn.", "city": "Nanjing", "region": "Jiangsu", "country": "CN", "loc": "32.0617,118.7778", "org": "AS23650 AS Number for CHINANET jiangsu province backbone" }. File size Ratio Format Name - - - - - - - - - - - - - - - - - - - - - - - - - 1156461. Reference research articles ⇒ 【 -1- 】【 -2-. LinuxAgent malware sample ...

deependresearch.org deependresearch.org

DeepEnd Research: August 2012

http://www.deependresearch.org/2012_08_01_archive.html

Monday, August 27, 2012. CVE-2012-4681 Java 7 0-Day vulnerability analysis. Update Aug.30, 2012. Oracle issued update 7 (7u7), which fixed the vulnerability. Update: Aug. 28, 2012. Rapid 7 / Metasploit released their module. And we get a lot of questions related to it from people who wish to compare. See below the original exploit source, to be run from the command line with a security manager enabled, and it will print the contents of the C: root directory. Update: Aug. 28, 2012. At this point the patch...

deependresearch.org deependresearch.org

DeepEnd Research: CVE-2012-4681 Java 7 0-Day vulnerability analysis

http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html

Monday, August 27, 2012. CVE-2012-4681 Java 7 0-Day vulnerability analysis. Update Aug.30, 2012. Oracle issued update 7 (7u7), which fixed the vulnerability. Update: Aug. 28, 2012. Rapid 7 / Metasploit released their module. And we get a lot of questions related to it from people who wish to compare. See below the original exploit source, to be run from the command line with a security manager enabled, and it will print the contents of the C: root directory. Update: Aug. 28, 2012. At this point the patch...

deependresearch.org deependresearch.org

DeepEnd Research: Java 7 0-Day vulnerability information and mitigation.

http://www.deependresearch.org/2012/08/java-7-0-day-vulnerability-information.html

Monday, August 27, 2012. Java 7 0-Day vulnerability information and mitigation. Update Aug.30, 2012. Oracle issued update 7 (7u7), which fixed the vulnerability. That VulnDisco SA CANVAS exploit pack now has a new Java 0-day. It makes you wonder if it is the same exploit that leaked from, or was found in the wild and then added to the CANVAS pack. Or if it is totally unrelated and there are two 0-day exploits now. The Oracle patch cycle is 4 months (middle of February, June, October) with bugfixes 2 mont...

deependresearch.org deependresearch.org

DeepEnd Research: Dirt Jumper DDoS Bot - New versions, New targets

http://www.deependresearch.org/2011/10/dirt-jumper-ddos-bot-new-versions-new.html

Wednesday, October 19, 2011. Dirt Jumper DDoS Bot - New versions, New targets. By Andre' M. DiMino. I recently encountered a malware sample that when sandboxed, exhibited a great deal of DDoS-like activity toward a large number of URLs. When I looked at the network traffic a bit more closely, it reminded me of the Dirt Jumper DDoS bot that I read about in an excellent blog post by Curt Wilson. And is gaining more buyers in underground market due to easy implementation and powerful attack methods. Sets va...

antoxar.blogspot.com antoxar.blogspot.com

Details are still coming in: January 2015

http://antoxar.blogspot.com/2015_01_01_archive.html

Details are still coming in. IDA, windbg tips. CTF tasks and so on. Monday, January 5, 2015. Using WPP to trace usermode apps. I've created sample app here. To don't forget howto include WPP into system service. For more details in Russian blog post is on habrahabr. Subscribe to: Posts (Atom). Using WPP to trace usermode apps. Exploring and exploiting Lenovo firmware secrets. What does this command? Black box and fault injection at Black Hat Trainings. Tor – Identifying malicious exit relays.

antoxar.blogspot.com antoxar.blogspot.com

Details are still coming in: July 2013

http://antoxar.blogspot.com/2013_07_01_archive.html

Details are still coming in. IDA, windbg tips. CTF tasks and so on. Monday, July 22, 2013. UFOCTF WriteUP: Mmmm, Whiskey metal. PS I already get a few tips: Key is SHA256 or decoded string. My brother always make "Burp" and likes tea. Here you can find a dump. https://docs.google.com/file/d/0Bw72cstp5cGsMVlDSlBJU05fdVE. Here is a short how to. First you should find "Burp" log string in the memory dump. There are two ways here. Using DebugView. Or just using search in WinDbg. Take a look inside. Buildin...

antoxar.blogspot.com antoxar.blogspot.com

Details are still coming in: March 2011

http://antoxar.blogspot.com/2011_03_01_archive.html

Details are still coming in. IDA, windbg tips. CTF tasks and so on. Friday, March 18, 2011. Lets show you decision of T4 RusCrypto task from Ufologists. We were given an access to the box on which key container was running. It was uploaded not long ago by third party developer. Container search ended with BSOD with help of antirootkit and antiviruse. Analyze the dump and find the key in root of OS. We know for sure that flag contains only latin symbols. download file. Ok Let's see all drivers in system.

TOTAL LINKS TO THIS WEBSITE

53

OTHER SITES

semperscribendi.wordpress.com semperscribendi.wordpress.com

a Life in Literature | “tell the truth, but tell it slant.” emily dickinson

A Life in Literature. “tell the truth, but tell it slant.” emily dickinson. 1″ Picture Frame. Twitter… I know, I know. 4 May 2009 in Me in Other Places. A bit I know, I know, I know what you’re thinking. But it’s fun, and less of a commitment. (Sorry blog, you knew I wasn’t a relationship kinda girl when we met.) I’m not nearly as addicted as others, but I tend to drop the occasional witty 140-character-comment ;). Hope all is well with you! Friends on the moon, friends in the mail. I’ve been t...

semperscribens.org semperscribens.org

Semper Scribens

Although they are only breath, words which I command are immortal." Sappho (Trans. Mary Barnard). Semper Scribens focuses on writing, reflection, and collaboration as important aspects of composition and pedagogy. I hope my musings inspire, invigorate, and interest like-minded teachers and education gurus. For updates, like Semper Scribens on Facebook. Or follow us on Twitter. All essays, fiction, poetry, photography and other materials on this page belong to the authors. Poetry and Short Fiction. If one...

semperscribo.nl semperscribo.nl

Welcome to Semper Scribo Text and Editing Agency

In the heavy clay. And barely get by. To the last drop. I always write: Semper Scribo. Semper Scribo is the versatile text and editing agency run by me, Aukje-Tjitske Dieleman-Hovinga. I write and edit mainly for companies, but also for non-commercial institutions. Semper Scribo can write and/or edit many different kinds of texts for you: advertising copy, such as advertorials, web texts or brochure texts. Interviews, reports and feature articles for various purposes.

sempersecure.com sempersecure.com

Semper Secure

Door Security Products and Services. Use the Contact Us link at the top of the page. Powered by InstantPage® from GoDaddy.com. Want one?

sempersecure.org sempersecure.org

Semper Secure - Home Security & Green Remodeling

Home Security and Green Remodeling. House Siding Options & Costs Explained. If you want to put new siding on your home, there are a number of different options on the market. Each option carries a different cost, appearance, and other variations. If you want something eco-friendly, you will want to look. May 14, 2015. Subscribe to our Newsletter. House Siding Options & Costs Explained.

sempersecurus.blogspot.com sempersecurus.blogspot.com

Andre' M. DiMino -SemperSecurus

December 30, 2013. Another look at a cross-platform DDoS botnet. I learned from a recent Malware Must Die post about a Linux malware sample that is associated with DNS amplification attacks. As mentioned in the MMD post, several researchers have posted on this, or similar malware. Since I'm particularly interested in Linux malware, especially if it has a DDoS component, I thought I'd also take a look. The malware was downloaded from hxxp://198.2[.]192.204:22/disknyp. The C2 is located at . It's inte...

sempersecurus.net sempersecurus.net

sempersecurus.net is offline

Sempersecurus.net is offline. Sempersecurus.net is currently offline. Please try again later. Questions about our services? Learn more at Dyn.com.

semperseo.it semperseo.it

www.semperseo.it

Hosting on Apache platform.

semperserviens.hu semperserviens.hu

EMLÉKTÁRGY KFT     ||     Semper Serviens Kft

sempersew.com sempersew.com

industrial Sowing Machine Sales | Sewing Machines for Embroidery | Just another WordPress site

PO Box 795, Jacksonville, NC 28546. Questions About Embroidery machines. We carry and service all makes and models. Semper Sew carries a full line of both new and rebuilt sewing and cutting machines. Along with our complete line of Consew and Juki industrial sewing machines, we carry Singer, Kansai, Brother, Pfaff, W&G Pegasus, and Yamato sewing machines. Repair and Delivery Services. We will go the extra mile to make sure you get exactly what you need. WE NOW CARRY PARTS AND ACCESSORIES. At Semper Sewin...