Some update on PageScan (v0.2)

It's been a while since I wrote > 1000 lines of code for a security project tool, and sorry for not mentioning about the release of PageScan earlier.

Another Implementation of Pseudo Random Domain for Web Malware

On my previous post, I've discussed about pseudo random domain generator used by RunForestRun malware variation.

Observation on RunForestRun Pseudo Random Domain

RunForestRun has known for its technique that inject an iframe along with the use of pseudo random domain in its source.

Blackhole v2 Deobfuscation from Ruby Perspective

Throughout this post, credit goes to Hooked on Mnemonics.

In this post, we'll going to go through quick explanation on Blackhole v2 JavaScript obfuscation

51la Malware Embedded Attack

Early this morning, while doing normal stuff in front of laptop, I stumbled upon a URL which I have a feeling that it might be malicious: wbtg.51872210[.]com/ywtcpm120921/8ace3ds3f4fb.html.