Posts by Category
Malware Analysis
CrowdStrike abuse campaign
Technical investigation of the loader used to deploy RamcosRat during the CrowdStrike abuse campaign...
initterm code hiding trick
BlackCat Ransomware Analysis
macOS Malware Analysis
Sharing what I have so far on macOS malware analysis
Amadey Malware Analysis
Analysis and detection for an Amadey malware sample
Wintapix Malicious Driver
Analysis of the newly discovered malicious driver Wintapix
ChatGPT_Campaign
Abusing ChatGPT in a mass campaign of social media ads ...
NjRAT
NjRAT analysis, YARA rule, and configuration extractor ...
AveMariaRAT_Mass_Detection
Explanation of how to perform mass detection across a malware family ...
EvilQuest macOS Ransomware
Detailed analysis of EvilQuest Ransomware for macOS ...
Advanced Imports Obfuscation
Dynamically resolving APIs just by parsing the PE structures ...
Malicious Documents
Conducting analysis for several malware samples packaged in different file formats ...
ESXiArgs Ransomware Analysis
Detailed analysis of the ESXiArgs ransomware...
OOP Malware Analysis
Here I explain how to analyze malware written with OOP...
AveMariaRAT Analysis
Detailed analysis of the AveMariaRAT malware, also known as WARZONE RAT ...
STOP Ransomware
Detailed analysis of one of the best-known ransomware families, 'STOP' ...
RedLine Stealer
Investigation of one of the most widely sold malware-as-a-service stealers on the dark web ...
SmokeLoader Manual Unpacking
Investigation of the obfuscation used by the packer that widely distributes SmokeLoader ...
Forensic Investigation
Breach Investigation
Investigating the breach from the ENISA training case
Linux Forensics In Depth
Investigating a Linux disk image in depth
EventLog Analysis
Windows Event Log parsing
EDR Log Investigation
Investigating a case through EDR logs in Kibana
Splunk AD Threat Hunting
Active Directory attacks compared from the red teamer's and threat hunter's perspectives
Ransomware Investigation
Forensic analysis of disk and memory images dumped from an infected computer ...
Open Source SIEM Build
Building our own SIEM solution using open source tools ...
Windows Forensics Investigation
Study notes for Windows OS forensics ...
Splunk Investigation
Investigation of an incident using the Splunk SIEM solution ...
Offensive
Exploit Development
Explanation of various memory corruption vulnerabilities
Windows Persistence
Explanation of Windows persistence vectors
Windows Privilege Escalation
Explanation of Windows privilege escalation vectors
Vulnerability Research
D-Link Router CVEs
Detailed analysis of multiple CVEs that can lead to RCE in D-Link routers via stack overflows
Patch Diffing In Depth
How to patch-diff a modern Windows system; CVE-2023-38149 is the target in the demo
CVE-2023-38146 Analysis
Analysis of CVE-2023-38146: arbitrary code execution via Windows themes