Silas Cutler

657 Followers
637 Following
88 Posts
Our blog at @censys now has a proper RSS feed https://censys.com/feed/
(cc: @Feedly #GoogleReader)
I've been seeing Vshell in #opendirs for a few years. With the recent attention, it was time to do a proper write-up on it:
https://censys.com/blog/vshell/
Vshell: A Chinese-Language Alternative to Cobalt Strike - Censys

Vshell is a Go-based remote administration tool that provides post-compromise capabilities for network pivoting and proxying. While the project is marketed as non-malicious, publicly available project materials have referenced offensive tradecraft (e.g., screenshots involving Mimikatz), and the tool has been observed in unauthorized contexts as a means of remote server management. Its distribution model has […]


Someone did some shenanigans with api.malshare.com: https://github.com/Malshare/MalShare/issues/86. No meaningful leakage of data happened.

If you have visibility and analysis cycles, any input is appreciated!

Check out the agenda for [un]prompted. It was incredible to see what folks submitted, and I'm excited to see everyone in March.

https://unpromptedcon.org/

Join me next week at the @SANSInstitute #CTISummit in Arlington, VA where I'll be presenting on an operation against the infostealer #Rhadamanthys from early in its development.

Register @ https://www.sans.org/u/1CtB

Come see me talk at the @SANSInstitute #CTISummit in Arlington, VA about the infostealer #Rhadamanthys during its early development.

https://www.sans.org/u/1CtB

If somebody wants to experiment with Android malware and automation, the kimwolf samples are handy. The version from the 27th of December can be downloaded here (I didn't see it on @abuse_ch bazaar, @malshare or mwdb): https://filebin.net/gatxzxfda652o1hd

Critical MongoDB Uninitialized Memory Disclosure Vulnerability [CVE-2025-14847] #MongoBleed

From Censys scanning, we're seeing around 87,000 possibly vulnerable hosts.

https://censys.com/advisory/cve-2025-14847