Infecting legitimate Android apps is a perfect way to see how devices, users, and antivirus react to these types of attacks, and it serves as a constant reminder of how tempting the mobile space is to attackers.

By Sandeep Khamu

Infecting Android apps is a perfect way to see how malicious activities in the wild, such as malware and practical jokes, affect people. This not only gives you access to user computers, but it also lets you observe how devices, users, and anti-virus software respond in these circumstances.

In this article, we will show you how to infect (or create a trojan) any…


Given the growth of the mobile market and the strength of the Android operating system, it only makes sense that Android hacking is increasingly becoming the leading edge of hacking.


Mobile devices, smartphones, and tablets are growing in number around the globe and gradually overtaking desktop and laptop machines. These devices, for the most part, run either the iOS or the Android operating system, with Android accounting for the largest share of all smartphone operating systems (82%). …


https://www.shellterproject.com/

Shellter is capable of re-encoding any native 32-bit standalone Windows application. Since we are trying to avoid anti-virus detection, we need to avoid anything that may look suspicious to anti-virus software, for example, packed applications or applications that have more than one section containing executable code. Shellter is designed to take any of these 32-bit Windows applications and embed shellcode, either your custom payload or one available from tools such as Metasploit, in a way that stays hidden from anti-virus software. …


Downloading files from the internet is not as secure as it seems at first glance.


I’m sure you’ve heard of the Evilgrade system, which allows you to “correct” the update mechanisms of common programs by replacing legitimate files with malicious ones. Do you believe that only the application’s changes are at risk? Well, you’re mistaken. I’ll be frank with you: downloading files from the internet is not as secure as it seems at first glance.

Another way to deliver malicious code to the target computer is through “BDFProxy”. BDFProxy is a tool that was created from two unique…


https://isc.sans.edu/

As computer users become more virus-aware, malware authors are now attempting to dupe users into downloading their malicious software by disguising it as a legitimate software update. Most users are aware that it is important to keep computer applications up to date in order to avoid becoming a victim of malware.

The “Evilgrade” framework can perform security auditing of operating systems by recreating a man-in-the-middle (MITM) attack. The attack works in situations where the attacker has DNS access and spoofing capabilities. Evilgrade uses poorly updated system utilities as an attack vector. Some of the common utilities supported…


Adobe continues to be sub-par in security, and consequently a considerable number of client operating systems are vulnerable.

Lindsey O’Donnell

PDF, or Portable Document Format, is an extraordinarily complex file format, governed by numerous standards and semi-standards. Like HTML and CSS, it was intended for document layout and presentation. Also like HTML and CSS, it has been extended with a JavaScript engine and document API that enables developers to turn PDF documents into applications, or agents for malware.

Among the most widely used Adobe products is Reader. Almost every PC has some version of Adobe Reader on it for reading PDFs…


Linux, like any other operating system, is not immune to security threats and risks. As businesses turn to the cloud and, as a result, to Linux, it’s no wonder that cybercriminals would shift their attention and resources to exploiting these ecosystems, and their weak spots, for nefarious purposes.


Trojans, viruses, worms, and other forms of malware that affect the Linux operating system are known as Linux malware. More than half of all web servers on the internet run a Linux distribution.

A Trojan is a form of virus that appears to be legitimate code but does something else…



Empire is a post-exploitation framework. It’s a pure PowerShell agent, focused exclusively on Python, with cryptographically secure communications and a flexible architecture. Empire can execute PowerShell agents without requiring PowerShell.exe. PowerShell offers abundant offensive advantages, including full access to .NET, app lock whitelisting, and direct access to Win32. It also builds malicious binaries in memory. It provides C2 functionality and enables you to embed the second stage after the first. It can also be used for lateral movement.

Navigate to the “Empire” directory and run the tool using the “./empire”


Empire is a post-exploitation framework. It’s a pure PowerShell agent, focused exclusively on Python, with cryptographically secure communications and a flexible architecture. Empire can execute PowerShell agents without requiring PowerShell.exe. PowerShell offers abundant offensive advantages, including full access to .NET, app lock whitelisting, and direct access to Win32. It also builds malicious binaries in memory. It provides C2 functionality and enables you to embed the second stage after the first. It can also be used for lateral movement.

What’s more, it comes helpful as it proliferates in contrast with different systems…


https://cisomag.eccouncil.org

Cybercriminals are now using remote access Trojans (RATs) disguised as apparently harmless images hosted on compromised websites, demonstrating how threat actors easily change tactics after their attack methods are detected and revealed publicly.

In this guide, we will show you a simple method for hiding any backdoor file inside an image file using Windows.

Let’s start by downloading an image that you want to use for this project.

David Artykov

Cybersecurity Professional, Penetration Testing Engineer
