Dec 30, 2012

Some update on PageScan (v0.2)

It's been a while since I wrote > 1000 lines of code for a security project tool, and sorry for not mentioning the release of PageScan earlier.

Dec 6, 2012

Another Implementation of Pseudo Random Domain for Web Malware

In my previous post, I discussed the pseudo-random domain generator used by a RunForestRun malware variation.

Nov 28, 2012

Observation on RunForestRun Pseudo Random Domain

RunForestRun is known for its technique of injecting an iframe along with the use of a pseudo-random domain in its source.

Oct 18, 2012

Blackhole v2 Deobfuscation from Ruby Perspective

Throughout this post, credit goes to Hooked on Mnemonics.

In this post, we're going to go through a quick explanation of Blackhole v2 JavaScript obfuscation

Oct 12, 2012

51la Malware Embedded Attack

Early this morning, while doing normal stuff in front of my laptop, I stumbled upon a URL that I had a feeling might be malicious: wbtg.51872210[.]com/ywtcpm120921/8ace3ds3f4fb.html.

Oct 2, 2012

An Evening with Blackhole Exploit Kit v2.0 III

From my previous post, I managed to get the PDF sample from the exploit page and consequently get the payload within the PDF exploit itself.

Sep 28, 2012

An Evening with Blackhole Exploit Kit v2.0 II

Continuing from the previous post, I've managed to get another link to a Blackhole exploit page that redirects the user to load a PDF exploit, and getting that PDF exploit sample really made my day (even though it is early in the morning).

Sep 27, 2012

An Evening with Blackhole Exploit Kit v2.0

After coming back from martial arts class last night, I happened to have some time to dig around with an in-the-wild Blackhole Exploit Kit (BHEK) v2.0 exploit page.

Sep 24, 2012

Timthumbs up!

Buying a ready-made WordPress theme couldn't be easier nowadays.

Sep 21, 2012

Having fun with yara and ruby

YARA is a tool aimed at helping malware researchers to identify and classify malware samples.

Jun 8, 2012

Quick workaround for Moodle registration name

Moodle is a good web application that educators can use to manage courses effectively. It allows educators to conduct fully online courses, and Moodle provides rich features such as forums, database, wikis, assignments, and quizzes.

Feb 4, 2012

Renaming MP3 files with ruby

Recently, my friend accidentally deleted my files on my external hard drive. The recovery process is quite time-consuming since there are a lot of files in there.

Jan 26, 2012

Series on Interacting with HTTP

Salam 1Malaysia. Today I want to share with all you readers about Mechanize. Mechanize is a library for Ruby (also Python, Perl and others) for interacting with websites automatically.