Code injection on Windows using Python: a simple example

Recently i had to perform some comparative tests on a couple of whitelisting solutions.

One of the crucial step of the test was the proper functioning of memory monitoring feature, useful in case of process injection: infact, when a trusted process has been started, an attacker may use it as vector for inject a malicious code.

In order to perform this check, i’ve decided to wrote a little PoC for 32bit systems dedicated to this test.

Continue…

How to check Cloudflare cache status programmatically

Just imagine: your small web app, that allows user to download medium-large ZIP files, due a lucky reddit post, suddenly start to receive huge amount of traffic, and specifically a lot of downloads.

The server is a small tier with a very small bandwith: a peak of downloads after a new file release turn in a DDOS for your webapp.

Continue…