Cuckoo + KVM: the easy way

I just needed some place to store this stuff, so I’m sharing it: it’s just a cheat sheet for setting up a KVM-enabled Cuckoo where guest VMs have direct internet access, or Tor access if you so decide. It uses the great cuckoo-autoinstall scripts from Daniel Gallagher.

As of today (17/02/2017), it should work right away on Debian testing. It might be full of errors and you might not get the same result I did, so feel free to comment.


Tech Support Scam

This Microsoft Tech Support Scam aims to make users believe their computer has crashed and needs repair, offering a fake local Microsoft technical support phone number. When users call, they are received by a fake Microsoft agent who tells them that in order to repair their computer they must install remote access software (usually TeamViewer). Once the operator connects, they install a fake AV and offer several subscription plans for it, telling the users that they have to pay for the service AND a subscription plan for the fake AV.


AnglerEK - EITest

In this brief introduction I will try to explain, in a simple way, what Exploit Kits are all about: an Exploit Kit is a set of software tools, usually running on a web server, that aims to enumerate the vulnerabilities that clients accessing it may have. Once it has determined them, it tries to exploit them to install some kind of malware. The exploitation targets are usually the browsers themselves or third-party software such as Java, Adobe Flash and Microsoft Silverlight.