Amr Ashraf

Computer engineer interested in reverse engineering, forensics and malware analysis

Posts by Category

Malware Analysis 15
Forensic investigation 7
Offensive 3
vulnerability research 2
CTF 1

Malware Analysis

Mac OS Malware Analysis

Sharing what I got so far in Mac Malware Analysis

05 Aug 2023

7 minute read

Malware Analysis

Amadey Malware Analysis

Analysis and Detection for Amadey Malware Sample

29 Jul 2023

8 minute read

Malware Analysis

Wintapix Malicious Driver

Analysis of the newly discovered malicious Driver Wintapix

28 May 2023

4 minute read

Malware Analysis

ChatGPT_Campaign

Abusing ChatGPT in a Mass Campaign in social media Adds ...

28 Mar 2023

3 minute read

Malware Analysis

NjRAT

NjRAT Analysis, Yara rule, and Configuration Extractor ...

26 Mar 2023

4 minute read

Malware Analysis

AveMariaRAT_Mass_Detection

Explanation of how to perform a Mass detection against a malware family ...

20 Mar 2023

11 minute read

Malware Analysis

EvilQuest macOS Ransomware

Detailed analysis of EvilQuest Ransomware for macOS ...

13 Mar 2023

8 minute read

Malware Analysis

Advanced Imports Obfuscation

Dynamically resolving APIs just by parsing the PE Structures ...

05 Mar 2023

7 minute read

Malware Analysis

Malicious Documents

Conducting analysis for several malware samples packaged in different file formats ...

28 Feb 2023

7 minute read

Malware Analysis

ESXIArgs Ransomware Analysis

Detailed Analysis of ESXIArgs Ransomware...

12 Feb 2023

2 minute read

Malware Analysis

OOP MAlware Analysis

Here I will explain how to analyze malware written with OOP...

07 Feb 2023

2 minute read

Malware Analysis

AveMariaRAT Analysis

Detailed Analysis of AveMariaRAT malware know with (WARZONE RAT) ...

16 Jan 2023

4 minute read

Malware Analysis

Stop Ransomeware

Detailed analysis of The most known Ransomeware family 'STOP' ...

06 Jan 2023

5 minute read

Malware Analysis

RedLine Stealer

Investigation for on of the most sold Malware as a service Stealer in the dark web ...

01 Jan 2023

6 minute read

Malware Analysis

SmokeLoader Manual Unpacking

Investigation for the obfuscation used by the packer used to widly spread SmokeLoader Malware ...

25 Dec 2022

7 minute read

Forensic investigation

EventLog Analysis

Windows Event log parsing

18 Jul 2023

9 minute read

Forensic investigation

EDR Log Investigation

Investigating a Case through EDR logs in Kibana

30 May 2023

2 minute read

Forensic investigation

Splunk AD Threat hunting

Active Directory attack comparison from red teamer/ Threat hunter perspective

29 May 2023

2 minute read

Forensic investigation

RansomeWare Investigation

Forensic Analysis for Disk & Memory Dumped from an infected computer ...

23 Feb 2023

3 minute read

Forensic investigation

Open Source SIEM Build

Building our own SIEM Solution using Open Source tools ...

30 Jan 2023

13 minute read

Forensic investigation

Windows Forensics Investigation

Notes of study for Windows OS forensics ...

05 Jan 2023

6 minute read

Forensic investigation

Splunk Investigation

Investigation for Splunk SIEM solution incident ...

26 Feb 2022

2 minute read

Offensive

Exploit Development

Explanition of various memory corruption vulnrabilities

09 Feb 2023

23 minute read

Offensive

Windows Persistence

Windows Persistence vectors explanation

25 Jan 2023

12 minute read

Offensive

Windows Privilege escalation

Windows Privilege escalation vectors explanation

24 Jan 2023

5 minute read

vulnerability research

Patch Diffing In Depth

Explore Hoe to do a Patch Diff in a modern Windows system CVE-2023-38149 is our target in the Demo

22 Sep 2023

3 minute read

vulnerability research

CVE-2023-38146 Analysis

Analysis of 'CVE-2023-38146' Arbitrary Code Execution via Windows Themes

18 Sep 2023

1 minute read

CTF

0xL4ugh CTF 2023

Writeup for 0xL4ugh Reverse challenges ...

18 Feb 2023

3 minute read