Reverse Engineering

Our efforts in Reverse engineering aids in identifying vulnerabilities, understanding threats, and formulating robust defense mechanisms, making it integral to maintaining a secure and resilient digital environment.

Malware Research

Our focus in malware research involves dissecting and understanding the operation of malicious software. By documenting their behavior and impact, we provide crucial insights that aid in devising effective defensive strategies, contributing to a better understanding and stronger defense against emerging cyber threats.

Penetration Testing

We offer penetration testing services, identifying vulnerabilities by simulating real-world attacks on your digital infrastructure. Our process uncovers potential threats, providing actionable insights for improved security measures, ensuring robust defense and resilience for your business operations.

Open-Source

Our involvement in open-source focuses on offensive security techniques and tools. We utilize and contribute to community-driven projects. This collaborative approach promotes innovative solutions, ultimately strengthening defense against evolving cyber threats.

I’m currently overwhelmed with commitments and unable to dedicate time to my public research and tools. Unfortunately, I can't predict when I’ll be more available. However, I’m still addressing bug fixes and urgent requests. I appreciate your understanding and continued support!

In this new series of articles, we're looking at how malware authors deal with spreading their work, especially when they keep the source code secret. Malware configuration is key because it lets its malicious users to change settings to suit their needs. The first article will focus on a method called EOF, also known as PE Overlay, to show how it's used to store and read malware configuration.

2 weeks, 4 days ago

In this latest installment of our "Malware Retrospective" series, we shift our lens to PrjRAPTOR, a lesser-known Remote Access Trojan that made its mark around 2008-2009, closing out the golden era of Trojan development before the focus shifted to profit-driven cybercrime. Our exclusive interview with its creator, "Ryan," provides invaluable insights into the Trojan's unique interface, development, and impact on the scene. This exploration offers a rare chance to connect with key figures who laid the groundwork for modern malware, enriching our understanding of this intricate landscape.

5 months, 2 weeks ago

Continuing our enlightening "Malware Retrospective" series, we delve back into the depths of cybersecurity history. Following our thorough examination of Beast RAT, the early 2000s' formidable malware, we now turn our focus to another significant entity of that period, SubSeven. Conceived by the mysterious figure, Mobman, this Remote Access Trojan, also known as Sub7, remains an iconic marker in the evolution of digital threats. Join us as we explore its intriguing chronicles, offering both a retrospective glance and vital lessons for today's cybersecurity landscape.

7 months, 2 weeks ago

In this inaugural instalment of the Malware Retrospective series, we take a trip down memory lane to revisit the Beast RAT, a notorious Windows RAT (Remote Access Trojan) developed by the elusive “Tataye.” This groundbreaking malware left an indelible mark on a whole generation of enthusiasts, including myself, who were captivated by its ingenuity and influence the whole scene back in it’s time.

10 months, 1 week ago

Paper

Happy New Year 2023

Happy New Year!

As we ring in the new year, we at PHROZEN would like to extend our warmest wishes to all of our clients, partners, and friends. We hope that the coming year brings you health, happiness, and prosperity.

As we look ahead to the year ahead, we are excited to announce that we will be focusing our efforts on the Unprotect project contribution, as well as working towards in passing new offensive-security certifications. While we have always been committed to delivering top-quality work to our clients, we believe that these efforts will allow us to better serve you and stay at the forefront of our industry.

We understand that this may mean that we will not be able to take on as many public projects as we have in the past, but we hope that you will understand and continue to support us as we work towards these important goals.

Thank you for your continued trust and support. Here's to a successful and fulfilling new year!

Sincerely,

1 year, 1 month ago

PostgreSQL allows developers to create their own functions, known as UDFs (User Defined Functions). These functions can be used to perform a variety of tasks within the database, such as data manipulation or analysis. However, if a UDF is not properly secured, it could potentially be exploited by a malicious actor to execute arbitrary code, such as shellcode, on the server.

To exploit a UDF, an attacker would need to have sufficient privileges to register a new function. This may be achieved through a vulnerability in an application connected to the database, such as a SQL injection. The attacker could then create and register a UDF that contains the desired shellcode, and trigger it to execute on the server.

It is important to note that this is just one example of how a UDF could potentially be exploited. It is crucial to secure your database and applications to prevent such attacks from being successful. This includes properly input validation, sanitization, and proper user privilege management.

3 years, 3 months ago