LevelBlue Blog

My whole career, I’ve always wanted to gear it towards information security. I’m always looking for ways to improve my skills in penetration testing. My hunger for knowledge and my odd craving for challenges that push me to my limits have remained insatiable. Proving something to me is important, as are establishing my InfoSec credentials. Those… Read more →

At the end of May a Middle Eastern news network published an article about the next Shanghai Cooperation Organization Summit. A week ago, AlienVault Labs detected a new malicious document targeting the area. It uses a piece of text taken from the report as a decoy: This is the first step of a multistage infection in which several servers and… Read more →

Heartbleed is a vulnerability with a CVSS score of only 5.0/10. As of this morning we have observed 840 breaches related to the Heartbleed vulnerability, CVE-2014-0160. More than enough has been said about the technical details of the vulnerability; hence I’d like to use this post to discuss the vulnerability management implications of Heartbleed, because they are both alarming… Read more →

                     Today we will analyze the detection capabilities of libemu http://libemu.carnivore.it/ [no longer available] using the Metasploit payloads. Libemu is a small library to detect and analyze x86 shellcodes using heuristics. We have written a small script to automatically generate Metasploit payloads and see if libemu is… Read more →