

Vulnerability Scanners and the SAINT Experience
Vulnerability scanners assist in the identification and detection of vulnerabilities arising from misconfigurations or insecure coding with
Mattia Campagnano & Wade Ma
Jul 14, 2020 · 9 min read


Weaponizing Windows Binaries and Scripts (LOLBAS): What's Old Is New Again
One of the latest trends in penetration testing and malware development is to weaponize the so-called Living Off the Land Binaries and Scrip
Mattia Campagnano
May 20, 2020 · 7 min read


Cybersecurity Tips to Get Through the Coronavirus Pandemic
As we all learn to deal with this new, temporary norm, we must not sacrifice our convictions for strong cybersecurity. Hackers are currently
Peter Quach
Mar 18, 2020 · 6 min read


Automated Obfuscation of Windows Malware and Exploits Using O-LLVM
Today’s malware authors and exploit developers have automated methods of obfuscating their software. When these techniques are combined with
Wade Ma
Mar 3, 2020 · 9 min read


Ransomware Attacks Are on the Rise, Should You Pay the Ransom?
However, sometimes the answer to this question cannot be so clear-cut. Much depends on how valuable the information being held for ransom is
Mattia Campagnano
Feb 3, 2020 · 9 min read


The CISO asked me to run Ransomware on his laptop
The executive’s laptop had the very latest version of a cloud-based, next-generation antivirus endpoint detection and response software, whi
Fred Mastrippolito
Jun 18, 2019 · 2 min read


Wi-Fi Hacking: A How To for Penetration Testers
To sniff Wi-Fi, we use an Alfa USB Wi-Fi adapter, which connects to a laptop via USB. For longer range sniffing, the 16 dBi Yagi antenna can be co
Liana Parakesyan
May 15, 2019 · 7 min read


Using Intezer Analyze to Reveal Malware Ancestry and Assist IR and Forensic Investigations
Today, much of the malware still operates via the same concept of infecting machines and spreading throughout networks. Due to this, it only
Liana Parakesyan
Feb 21, 2019 · 4 min read


Polito, Inc. at the George Mason University Cyber Security Innovation Forum
Speakers at the event were CEOs and Managing Directors from companies such as Accenture Federal Services, RunSafe Security, George Mason Un
Ronny Thammasathiti
Feb 15, 2019 · 2 min read


Enhancing Digital Forensics with ReversingLabs Plugins: Now for X-Ways!
At Polito Inc., our forensic experts often rely on X-Ways Forensics to rapidly acquire and analyze digital computer evidence. X-Ways Forensi
Ben Hughes
Nov 16, 2018 · 4 min read


How To Explore The Dark Web: It's Easier Than You Think
There is a lot of confusion over deep web vs. dark web; they are often used interchangeably, which is wrong. In essence the term “deep web”
Roman Romanenco
Apr 5, 2018 · 8 min read


Enhancing Digital Forensics with ReversingLabs Hash Query Plugin for Autopsy
Polito Inc. has partnered with ReversingLabs (RL) and has developed a plugin extension called ReversingLabs Lookup Utility for Autopsy. Auto
Liana Parakesyan
Mar 5, 2018 · 3 min read


How to Build Your Own DNS Sinkhole and DNS Logs Monitoring System
While Pi-hole includes a nice web-based admin interface, I started to experiment with shipping its dnsmasq logs to the Elastic (AKA ELK) sta
Ben Hughes
Feb 5, 2018 · 11 min read


Meltdown and Spectre: Quick Overview and Next Steps
The purpose of this blog post is not to provide an exhaustive overview of Meltdown and Spectre, but instead to provide key points and caveat
Ben Hughes
Jan 4, 2018 · 5 min read


Unpacking script2exe Malware
Script2exe functions by packaging the original VBScript as an encrypted resource within a PE stub. The original script is retained in the EX
Ian Duffy
Nov 14, 2017 · 4 min read


Is Kaspersky Antivirus Safe to Use?
With the important caveats that the story appears to still be evolving and many details are not publicly known at this point, recent...
Ben Hughes
Oct 13, 2017 · 10 min read


Unwrap Your Malware
*This blog entry was originally published on June 23, 2015 on the original Polito Blog. It was re-posted on October 3, 2017 due to...
Polito, Inc.
Oct 3, 2017 · 5 min read


Netcat Reverse Shell Fixup
*This blog entry was originally published on July 27, 2015 on the original Polito Blog by Ian Duffy. It was re-posted on October 3, 2017...
Ian Duffy
Jul 27, 2017 · 3 min read


AppLocker and Software Restriction Policies
*This blog entry was originally published on July 5, 2017 on the original Polito Blog by Ian Duffy. It was re-posted on October 3, 2017...
Ian Duffy
Jul 5, 2017 · 3 min read


Vulnerability Assessment vs. Penetration Test: Key Differences and Objectives
On occasion we encounter questions about the differences between a vulnerability assessment and penetration test. While the end goal in both
Ben Hughes
Mar 13, 2017 · 5 min read