Phonia Toolkit – One Of The Most Advanced Toolkits To Scan Phone Numbers Using Only Free Resources

Phonia Toolkit is one of the most advanced toolkits to scan 
phone numbers using only free resources. The goal is to first gather
standard information such as country, area, carrier and line type on
any international phone numbers with a very good accuracy.

Getting started

Continue reading “Phonia Toolkit – One Of The Most Advanced Toolkits To Scan Phone Numbers Using Only Free Resources”

WSuspicious – A Tool To Abuse Insecure WSUS Connections For Privilege Escalations

This is a proof of concept program to escalate privileges on a Windows host by abusing WSUS. Details in this blog post: https://www.gosecure.net/blog/2020/09/08/wsus-attacks-part-2-cve-2020-1013-a-windows-10-local-privilege-escalation-1-day/ It was inspired from the WSuspect proxy project: https://github.com/ctxis/wsuspect-proxy
Acknowledgements

Continue reading “WSuspicious – A Tool To Abuse Insecure WSUS Connections For Privilege Escalations”

Cookiethief: a cookie-stealing Trojan for Android

We recently discovered a new strain of Android malware. The Trojan (detected as: Trojan-Spy.AndroidOS.Cookiethief) turned out to be quite simple. Its main task was to acquire root rights on the victim device, and transfer cookies used by the browser and Facebook app to the cybercriminals’ server. The exact means by which the Trojan was able to infect certain Android devices is not clear; however, it was not due to a vulnerability in the Facebook application or browser itself.

Continue reading “Cookiethief: a cookie-stealing Trojan for Android”