Phishing with typo squatting tool

Reading Time: < 1 minuteDNSTwist is a great tool for blue and red team. Github link : https://github.com/elceef/dnstwist or an online version : https://dnstwister.report/ This tool will generate a high amount of possibilities of typosquatting (addition,...

Palo Alto Networks misconfig in TMS

Reading Time: < 1 minute On Friday the 20th of December 2019 we realized that for a customer, the files that were analyzed by the Wildfire of PaloAltoNetworks via the TMS in Europe was using the Wildfire engine based in the US ! I raised an ticket, and with the...

Traps Ransomware module

If you see files likes below = NO PANIC ! zzzz346468454.txt !!!!4873487.doc XORXOR131395328.pem zzzzz1128386401.png ZZZZZ4032929292.pptx !!!!!28748750874.pst !!!!!195855848565.bmp XORXOR394587587.pdf You are probably experimenting the display of the honeypot files of...

Credential Phishing check bypass

Each system, has its limits.The Palo Alto on the latest version (tested on 9.0.1), is checking only up to 21 fields for a coupe of username and password in the bloom field.Normal creds form with 20 hidden INPUT before the Username & Password field. This shows the...