Tek

Doc

1

Need some automated doc

CVE-2020-14364 : arbitrary code execution in QEMU

1

Hi, CVE-2020-14364 apparently allows arbitrary code execution in QEMU in versions before 5.2.0. Pyrebox QEMU fork seem to be in version 4.0.0. Is it vulnerable to this issue? References :...

Problem building pyrebox on Debian sid

4

Hi, I am trying to build pyrebox on Debian sid. When building qemu, I get the following error in the config.log file: ``` config-temp/qemu-conf.c: In function ‘main’: config-temp/qemu-conf.c:2:25: error: null...

Galaxies are not implemented in mispy

[Bug] Can't run the scripts from another folder because of relative paths used

2

If you run the tools from another folder, it wont' work : ``` $ python ~/tools/forensic/sysdiagnose/initialyze.py file FILE Could not read version info, bailing out. Something is wrong: [Errno 2]...

Fixes a few bugs and add the creation of a detection.json files with detection results

3

Hi, This PR includes a few things : * Fixing a typo in the README (`--all-checks` and not `--all`) * Removing a YAML deprecation issue (see [this](https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation)) * Adding the...

It would be really interesting to do that, isdi checks if apps like SuperSU [are installed](https://github.com/stopipv/isdi/blob/65291f0d5d5c5d288bd12246e27f227f83b6a1d2/phone_scanner.py#L379) which is not very useful for malware, but I think there are better ways...

Report: Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign

2

This one targeted US NGO and media, https://www.fireeye.com/blog/threat-research/2018/11/not-so-cozy-an-uncomfortable-examination-of-a-suspected-apt29-phishing-campaign.html

https://research.checkpoint.com/the-eye-on-the-nile/

This one should be added https://www.welivesecurity.com/2018/11/20/oceanlotus-new-watering-hole-attack-southeast-asia/