JUMPSEC LABS

The JUMPSEC Lab is a place where the technical team get creative and showcase their latest security research, publications, interesting news and general thoughts! We love what we do and are passionate about security, and we have some great upcoming projects planned. Bookmark our site and stick around to see what we are working on.

Latest Projects from JUMPSEC LABS

API Hooking Framework

An API hooking framework composed of a Windows driver component for library injection, a DLL file for function hooking and reporting, and a web service that presents a user interface and manages communication between the user and the other components.
The framework is aimed at desktop application testing and vulnerability research: it allows granular monitoring of one or more processes at runtime, gives the ability to transparently change the behaviour of the application, and performs various automated vulnerability checks, reporting whenever a potential weakness is found.
Logs sent by the framework can be filtered and searched in the web UI, and library injection can be selectively turned on or off based on different criteria, such as process path, username, or privilege level.

Thunder Eye – Threat Intelligence Aggregator

The project, currently code-named Thunder Eye, is a threat intelligence aggregator that will act as an internal and external search engine for a variety of intelligence purposes. It will collect and store data including vulnerability scans, DNS data, breach lists, torrent sites, honeypot networks, and some manually inserted data sourced from our threat hunting and incident response/SOC investigations. It allows our internal team and our clients to view a broad range of data about their threat landscape the same way an attacker would, enabling us and our clients to defeat cyber attacks as part of usual business processes.

Follow JUMPSEC LABS

GitHub Activity

@JumpsecLabs
JumpsecLabs made JumpsecLabs/python-burp public Apr 28, 2021

Repository containing sample scripts for use with the Python Scripter Burp Suite extension.

Twitter

4 weeks ago
Notification Emergency Patch -VMware vCenter
VMware has released a well-documented blog post with advice on how to patch this vulnerability: https://t.co/MmGKYzTLfy
Severity: High. Exploit code public.
@VMwarevSphere #vulnerability #cybernews

Disclaimer

The information provided on this website is to be used for educational purposes only. The author is in no way responsible for any misuse of the information provided. Any actions and/or activities related to the material contained within this website are solely your responsibility.