malware Questions

3

Solved

I have a PDF file that I know for a fact contains a JavaScript script file that does something malicious, not really sure what at this point. I have successfully uncompressed the PDF file and got...
Fulgurous asked 19/4, 2012 at 1:37

6

Solved

I want to analyze a stream object in a PDF file which is encoded using /FlateDecode. Are there any tools which allow one to decode such encoding (ASCII85decode, LZWDecode, RunLengthDecode etc.) us...
Arondell asked 17/1, 2015 at 9:11

1

I am hosting a simple prototype on Amazon Lightsail and I saw some strange requests on my Django server. Is it anything to be concerned about? Invalid HTTP_HOST header: 'fuwu.sogou.com'. You may ne...
Bisector asked 1/8, 2021 at 2:56

2

My WordPress website got hacked. It redirected the user to some spam website. Since then I already cleaned the website and the problem does not occur anymore. The problem is, that my visitors are ...
Erinaceous asked 16/4, 2018 at 10:7

2

So, I created a python program. Converted to exe using Py2Exe, and tried with PyInstaller and cx_freeze as well. All these trigger the program to be detected as virus by avast, avg, and others on v...
Rally asked 26/1, 2018 at 15:43

3

I have to fix a website that is infected with malware. When I try to access the WP Admin it says "to many redirects". Hosting company did a scan, there were too many infected files. I m...
Blaseio asked 4/11, 2020 at 3:40

7

Solved

Problem:- Sometimes, on clicking on NAVBAR menu or on any div on my bootstrap website, It redirects to ads or unknown links in new tab something like this. http://cobalten.com/afu.php?zoneid=1365...
Displace asked 27/6, 2018 at 14:7

1

electron.js is a user interface toolkit that allows a web application to operate as an arbitrary GUI. However, there are some applications that should be considered sensitive - for instance, a GUI...
Befall asked 23/12, 2017 at 14:53

19

Solved

We are using an EC2 (Ubuntu) Amazon instance for running Apache. Recently we noticed that there is a process using the entire CPU. We removed it using the help of the following procedure [r...
Uzial asked 10/2, 2020 at 13:37

3

Solved

I have an application I wrote for my company in Python 2.x, PyQT4, and MySQLdb and packaged with py2exe. Recently, I made some updates to the application, Porting it to Python 3.4 and PySide. I al...
Dunkle asked 22/5, 2014 at 19:6

2

Solved

Someone contacted me with a problem regarding Discord. The code below was brought to my attention as it was run around the time the problems began. Windows asks what program the code below should b...
Syllogize asked 14/2, 2021 at 3:34

2

I'm investigating a set of Windows API system calls made by a piece of malware running in a sandbox so that I can understand its malicious intent. Unfortunately, I'm struggling to understand the Zw...
Apian asked 3/10, 2018 at 7:0

3

<?php if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == '')) { switch ($_REQUEST['action']) { case 'get_all_links'; foreach ($wpdb-...
Meenen asked 20/1, 2017 at 6:27

1

Recently my C programs started to act weirdly and I had no idea why... Then I realized that they were being flagged by my antivirus program as malware... First I thought there's a malware in my com...
Guanidine asked 28/6, 2020 at 12:48

3

Solved

Does anyone know what app is writing to file "%TEMP%\Encoding Time.csv"? The file is constantly growing. Searching Internet did not yield any meaningful results. Below is an example of th...
Elater asked 13/5, 2017 at 23:45

1

JShell by default enables a persistent history of everything typed, which can be recalled by pressing the up arrow. Where is the setting to turn this ❝feature❞ off? Also, how do I even clear the ...
Troat asked 14/10, 2018 at 18:7

3

I want to scan files for virus and malware before they are uploaded to the server. For example, once a user uploads a file, there should be a scanner to detect if there is a virus or malware and re...
Twain asked 9/4, 2019 at 11:5

2

there, Which application uses port 6443 and for what? I want this information because when I use the command nmap with my IP, there is a line that puts "6443 sun-sr-https". Is it something a...
Beata asked 10/5, 2017 at 11:48

6

Solved

I have three websites all hosted on the same webserver. Recently I was working on one of the websites and noticed that, about a month ago, a bunch of files had been changed. Specifically, all insta...
Unconscionable asked 4/4, 2017 at 15:42

3

Solved

I found some of my users visiting a site that seemed to have a Bitcoin mining JS script in its code: <script src = "hxxps://coin-hive.com/lib/coinhive.min.js"></script><script> ...
Bacillus asked 28/9, 2017 at 19:30

1

Solved

I downloaded Microsoft SDK and Visual Studio 2015 on Windows 10 and a shortcut to file WPCups.exe showed up on my desktop. It's located in C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\T...
Pridemore asked 1/4, 2017 at 6:24

3

Solved

I have seen some Android apps on my phone require this android.permission.READ_PHONE_STATE permission. I don't know if I could trust them. I know this permission will give the app access to many in...
Putrescible asked 13/11, 2013 at 23:52

3

Every page I browse with Chrome shows this error in the console: extensions::uncaught_exception_handler:8 Error in event handler for (unknown): SyntaxError: Failed to execute 'insertRule' on 'C...
Breadroot asked 14/10, 2015 at 21:52

1

Solved

I'm a little bit lost on this issue, so please excuse me. I know there are other threads on SO about this but I can't find the answer. On the site when it's loaded it doesn't matter where the use...
Rigmarole asked 24/11, 2016 at 6:42

4

Solved

Let us try to access http://yahoo.com@3627729518 with any browser. We get redirected to google.com. 3627729518 is the decimal representation of 11011000.00111010.11000010.01101110 without dots...
Pinnate asked 23/9, 2016 at 15:13
