Hello, World! In this article, I will demonstrate how you can use Python to create a simple file canary that sends an email to your Gmail account whenever a specified file is accessed. More specifically, in this tutorial, you’ll learn how to send emails and extract file information with Python and then use these capabilities to implement a simple file canary. Let’s get started by understanding what canaries are and how they are used in cybersecurity.

What are Canaries?

Back in the day, when coal mining was a widespread profession, coal miners would bring hundreds of canaries with them into coal mines. Because…

Hello, World! In this article, you will learn how to use the Go programming language to create a Phishing website. We will use Go’s built-in net/httppackage and the third-party gorilla/mux package for handling all of the necessary HTTP functionality. You will also learn how to use the wget command-line tool to clone a target website and also how to make the necessary modifications to the target website’s index file so that we can gather some credentials! Let’s get to it!

DISCLAIMER: do not use the information contained in this article for malicious purposes.

Cloning our Target Login Page

The target login page chosen for this…

Hello, World! In this article, I will demonstrate a proof of concept Python “virus” that infects other Python files with backdoor code. The Python script uses Python’s built-in socket module for creating a listener to connect to and Python’s built-in subprocess module for executing commands on the victim machine, while also establishing persistence by creating a cronjob to run the malware every day at 13:37 pm. The final Python script is included towards the end of this article. Let’s get started by understanding the most important part of any backdoor: establishing communications.

ATTENTION: Please do not use the Python script…

Hello, World! In this tutorial, you will learn how to use Python to interact with the Windows API and in particular how to access and manipulate the memory of a running process. I will begin by introducing some of the Windows API functions I’ll be using in the final Python script provided towards the end of this article. Let’s get started!

Windows API Functions for Process Manipulation

Although the Windows API functions we are about to use should work, depending on the antivirus solution being used, these functions can also be flagged as malicious because of how often they are used by malware to do exactly…

Hi! In this tutorial, I’ll show you how to access the Windows Registry with Python.

For this tutorial, we will not need to install any dependencies because Python has a module that we can utilize to achieve our goal, which will be introduced later. At the end of the article, an example Python script is provided that extracts potentially important forensic information from the Windows Registry. Let’s get to it!

What is the Windows Registry?

The Windows Registry is a tree-structured database that contains critical information for all users on a Windows operating system. There are several folders that make up the root of the…

Backdoor: “An undocumented way of gaining access to a computer system.”

Hello, Reader! In this article, I will give a high-level summary of FireEye’s detailed report on the SUNBURST malware — the malware used as the payload for the trojanized update that was rolled out for SolarWind’s Orion software. Before diving into the inner workings of the malware, let’s discuss how this malware was distributed to thousands of SolarWind’s Orion customers via a supply chain attack.

The SolarWind’s Supply Chain Attack

The hackers (currently being tracked as UNC2452 by FireEye) behind SolarWind’s supply chain attack compromised the update servers responsible for storing and distributing the…

In this article, I will show you how to perform a deauthentication attack using Python and how to use Wireshark to filter for and analyze 802.11 deauthentication frames. To perform the attack yourself, you will need a WIFI adapter that supports monitor mode and packet injection. If you do not have one, there are still lots of concepts to take away from this article, so do not be afraid to continue reading. Let’s dive in!

Disclaimer: Please do not use the script created in this tutorial for disconnecting anyone off of their network without their consent.

How does a Deauthentication Attack Work?

Hello, Reader! In this article, you will learn how to install Tor and configure it in a way that will allow us to make requests with Python to the dark web via Tor’s SOCKS proxy (oooh). We will also install some Python packages that will allow us to increase our anonymity while browsing the dark web by creating new Tor identities. Let’s get to it!

Note: I am working within a Kali Linux VM so if you aren’t using a Debian-based OS, you will need to find the equivalent package manager commands. Also, there are all sorts of strange (and…