Fragscapy: Fuzzing protocols to evade firewalls and IDS
Fragscapy is a tool that aims at detecting flaws in firewall and IDS by fuzzing the network messages sent through it. This open source project is available at Amossys' Github.
more ... Tags
active directory
AI
amossys-tools
antivirus
cert
computer vision
conferences
container
crypto
cryptography
ctf
desker
dfir
fuzzing
hardware
ia
IDA
Internet of Things
IoT
linux
Machine Learning
malware
malware analysis
microarchitecture
network
netzob
nmap
opendtex
pentest
protocols
pytorch
ransomware
ransomware cert
reverse
reverse engineering
spectre
speculative execution
stages
static analysis
teardown
threat hunting
trusted computing
vulnérabilités
vulnerability analysis
windows
Recrutement
Si vous êtes intéressés pour bosser sur des sujets sympas tout en restant loin de Paris, consultez nos offres d'emploi et envoyez nous votre CV à rh@amossys.fr.
Machine Learning in Nmap
Yes, the most famous network scanner embeds Machine Learning. Really? A deep neural network with many scientific keywords ? Not at all, I'm more talking about grandpa machine learning. Let us discover it!
more ...Smart Light Bulb Teardown
Analyse des surfaces d'attaques matérielles d'une ampoule LED connectée. Cet article analyse d'abord les échanges réseau sans fil, puis explique comment la lampe est démontée de façon non destructive pour accéder au port de debug de sa carte principale.
more ...Sujets de stage 2018-2019
Publication des offres de stage pour l'année 2018-2019. Au menu : packer, wasm, analyse de binaires, cyber range, ids, android, ia, crypto, recherche de vulnérabilités, red team et linux.
more ...MemITM, a memory fuzzer/sniffer
The MemITM tool has been developped in order to allow intercepting really easily "messages" in Windows processes memory.
more ...Portable Executable format, compilation timestamps and /Brepro flag
Portable Executable binaries embed timestamps stored by the compiler, which may in some cases appear inconsistent. This article details the origin of these inconsistencies and gives a code sample which may be used to get only the correct timestamps for threat hunting purposes.
more ...Threat Hunting (Recherche de compromissions)
BreizhCTF 2k18 Write-Ups
Amossys was a sponsor of the BreizhCTF 2k18, a French hacking competition over a single night (April 20-21th). Many challenges were proposed in a wide range of topics (Web, Reverse, Cryptography, etc). For this occasion, a team was created among our employees (Los Pedrolitos). Here are some write-ups of the solved challenges. And thanks to the organization team for this excellent event in Rennes!
more ...BADFLICK is not so bad!
We present here an in-depth analysis of the BADFLICK backdoor, which is used by the TEMP.Periscope group also known as "Leviathan".
more ...The Windows 10 TH2 INT 2E mystery
Since Windows 10 TH2, NTDLL's syscall routines have changed: syscalls can now be performed with the SYSCALL instruction, and with the INT 2E old one. We say "old" because, until this change, this method had not been supported on x64 architectures since Windows 8. So why such a change? Let's try to find out.