domain

NFTF: Useful urls for malware investigations

Published May 16, 2012 | By scriptmonkey

Figured I’d keep a copy of this on here for the next time I need to do malware investigation.

urlvoid.com – checks URL’s against lots of blacklists, emergingthreats, malwaredomainlist and zeustracker/etc…
ipvoid.com – Same as above but for IP addresses
support.clean-mx.de – Searches above databases and records logs of abuse claims. Useful as it can sometime give you extra URI’s for a host to comb your logs for. Also usefully… Continue reading →

Posted in Uncategorized | Tagged C&C, domain, ip, iptoos, malware, spyeye, threats, url, zeus nameservers | Leave a comment

Better domains for social engineering

Published June 28, 2011 | By phillips321

The other day i had to perform some brief and remote social engineering tasks. (1 day and telephone only)

I was attempting to trick a target into downloading a malicious executable by calling up, pretending to be BT (British Telecom) and then requesting that the user downloads a Speed Test in order for me to perform some “diagnostics”.

I provided the link to the customer as btsupport.com.phillips321.co.uk, unfortunately the phillips321.co.uk… Continue reading →

Posted in Uncategorized | Tagged domain, engineering, index.aspx, link, social, trick | 2 Comments

phillips321.co.uk

pen testing, security and linux

NFTF: Useful urls for malware investigations

Recent Posts

Meta

Links