AndroidProjectCreator 1.5.2-stable release

This AndroidProjectCreator updates the Log4J dependency, which is used by the org.eclipse.jgit dependency, to version 2.16.0. This update is required because CVE-2021-45046 affects 2.15.0. The previous update to version 2.15.0 addressed CVE-2021-44228. AndroidProjectCreator does not use Log4J internally, as it simply writes log messages to the standard output using System.out. The above-mentioned Git dependency gives … Read more

AndroidProjectCreator 1.5.1-stable release

This AndroidProjectCreator update brings a simple yet required change: the the org.eclipse.jgit dependency uses Log4J, which has a severe remote code execution vulnerability in it, tracked as CVE-2021-44228. To avoid needless error messages, AndroidProjectCreator embeds the logger. The Log4J version that is used, has been updated to a version that is not vulnerable anymore, which … Read more

My impression of AtHack 2021

The atHack conference in Saudi Arabia’s Riyadh, where I presented my Mobile Malware Mimicking framework (m3). The event lasted three days, from the 28th of November until and including the 30th. It was the second physical conference I attended since the pandemic started, the first being Black Hat Europe, which I wrote about previously. In … Read more

MalPull 1.3-stable release

MalPull is designed to download malware samples in bulk using a minimal amount of API calls from services that limit requests. This version purely updates the internals. Those who use the command-line interface of MalPull will not notice any differences. Those who want to use MalPull in their own project will be in for a … Read more

Less (public) activity

The last month or two, I did not find as much time to write blogs as I had hoped to. Unlike the beginning of this year, when I reflected on inactivity due to long COVID, the decrease in my current (public) activities is due to different, and positive, reasons. The preparation for my upcoming Black … Read more

Hatching Triage Java API client version 1.5 release notes

The main page for this API client can be found here. This release contains breaking changes, new features, and improved documentation. One can find the library’s code here. The latest release of the precompiled JAR can be found here. Table of contents Breaking changes New features Improved documentation Breaking changes This release contains breaking changes, … Read more

MalShare Java API client 1.2-stable release

The main page for this API client can be found here. MalShare is a free initiative for researchers to share malware samples for research purposes, which can be accessed via the website and via the API. The code can be found on Github, along with the latest release. This update contains information on breaking changes, … Read more