Download Google Play Applications Without an Account

Installing applications on your smartphone or tablet can carry a security risk. Applications are available from several sources, and this allows attackers to create fake packages that can be used to infect victims' devices.

Google Play can be used to download the application you need, but you must create an account before you can install anything. A good alternative is APK Downloader, which acts as a proxy and gives you the direct link to the APK file. All you need to do is enter the URL of the application, and you will get the direct link to the APK.

APK Downloader

This can be a good alternative if you want to install an APK without a Google Play account. You can also use the Chrome extension to download the files and install them on any device.


Mobius Forensic Toolkit 0.5.16

Forensic frameworks are important for running investigations and finding the root cause of an incident. Open source programs are widely used for creating cases and gathering evidence. One such open source framework is Mobius Forensic Toolkit. The toolkit is extensible and can investigate data from several sources, such as Skype and the Windows operating system registry.

Screenshot: Mobius Forensic Toolkit

After installing the framework, you start by creating a case. It takes the name of what you need to investigate and will contain the evidence for the incident. Next, you add items related to the incident, such as hard disks or floppies. You need to add details and information about the category.

In the next step, you can use the Hive extension to browse the operating system registry, and you can directly drag and drop suspected registry entries and the ones you need to investigate. You can also browse Skype logs using the Skype Agent extension; all logs for the application are stored in ApplicationData/Skype. This gives the forensic analyst access to calls, chats, contacts, file transfers, profile data, SMS and voicemails.

You can download the framework from this link: http://freecode.com/projects/mobiusft


Threatglass service to uncover the web threat landscape

Threatglass by Barracuda is a new platform created by security researchers to automatically analyze millions of websites. The framework monitors malicious activity and includes charts and information that help to detect and alert on new malicious code hosted on websites.


Any user has the opportunity to add or analyze websites that they feel may contain malicious threats. The information can be displayed in several categories (DNS, HTTP, and netflow) in both graphical and textual formats. You can even get the pcap files, which provide evidence about the attack to the end user.

The information also includes the links that are opened when the victim opens the malicious page, screenshots recorded in the sandbox, and even the Internet Explorer crash report. Threatglass has an automatic analysis that is based on approximately 10 thousand malware samples accumulated at Barracuda Networks. It is really an amazing project that you can find at this link: http://www.threatglass.com/


Grand Theft Auto V Used by Scammers

Security researchers at Trend Micro are alerting of a new cyber attack that uses the Rockstar game Grand Theft Auto V. The game still runs only on special consoles, while many users are expecting a new version that can be used on standard computers. Cybercriminals have prepared a spam message that claims to provide the required version.

Screenshot of the spam message

The spam message invites the user to be a beta tester and includes a link to a phishing website. The attack is combined: besides the malicious link, the cybercriminals attach a zipped file named as promo code in app rockstargames.com, which is in fact malware detected as BKDR_ANDROM.ATG, a Trojan used to infect and collect personal information.

If you receive a similar spam message, don't click on the HTML links; delete the email directly. Make sure to run a security software scan on any email you receive to be sure it is safe from malicious content.


Wi-Fi Password Dump v2.0

WiFi Password Dump is the free command-line tool to quickly recover all the Wireless account passwords stored on your system.

It automatically recovers all types of Wireless Keys/Passwords (WEP/WPA/WPA2 etc.) stored by Windows Wireless Configuration Manager.

For each recovered WiFi account, it displays the following information:

  • WiFi Name (SSID)
  • Security Settings (WEP-64/WEP-128/WPA2/AES/TKIP)
  • Password Type
  • Password in Hex format
  • Password in clear text

Screenshot of Wi-Fi Password Dump

By default it dumps all the recovered passwords to the console. From version v2.0 onwards, you can also save the passwords to a TEXT file.

Being a command-line tool makes it useful for penetration testers and forensic investigators. For a GUI version, check out the Wi-Fi Password Decryptor.

You can download the tool on the following link


Social Password Decryptor

Social Password Decryptor is the FREE software to instantly recover Passwords for popular Social Networks such as Facebook, Twitter, Google Plus etc.

It can automatically discover and recover all the social passwords stored by web browsers & messengers including Firefox, Chrome, IE, GTalk and more.

It can recover passwords for the following popular social networks:

  • Facebook
  • Twitter
  • Google Plus
  • LinkedIn
  • Pinterest
  • Myspace
  • Badoo

Screenshot: Social Password Decryptor interface

After a successful recovery, you can back up the full social network password list to an HTML/XML/TEXT/CSV file.

You can download Social Password Decryptor from this link: http://securityxploded.com/social-password-decryptor.php


Samsung Galaxy Devices Shipped with Backdoors

A new vulnerability in Samsung Galaxy smartphones has been disclosed by Replicant, a free version of Android. The bug embeds a backdoor that provides remote access to the data stored on Samsung Galaxy devices. Modern smartphones include two separate processors: the first runs standard applications and the operating system, while the second is responsible for communication.

The second processor runs a proprietary OS, and these applications have been shipped with backdoors that allow remote activation of various functions of a smartphone, including the microphone, GPS locator, camera and more. As the affected processor is exposed to the network, an attacker is able to compromise the system and use the backdoor.

Members of Replicant call this program a typical backdoor through which an attacker can remotely execute arbitrary actions on the device, including reading, writing, and deleting files, running third-party programs, etc. On the Galaxy S model, the backdoor works as root with full administrative privileges.

You can find the research details at this link: http://redmine.replicant.us/projects/replicant/wiki/SamsungGalaxyBackdoor

 
