- Aug 30, 2024 Parsing Fortinet Binary Firewall Logs
- Aug 01, 2024 Destructive IoT Malware Emulation – Part 2 of 3 – Hooking Techniques
- Jun 13, 2024 Give Me Your FortiGate Configuration Backup and I Rule Your Network
- Mar 28, 2024 Destructive IoT Malware Emulation – Part 1 of 3 – Environment Setup
- Feb 29, 2024 Recovering data from broken appliance VMDKs
- Dec 06, 2023 The csharp-streamer RAT
- Oct 13, 2023 Config Extraction from in-memory CobaltStrike Beacons
- Sep 01, 2023 QakBot Takedown Payload Analysis
- Feb 09, 2023 Defeating VMProtect's Latest Tricks
- Jun 01, 2022 Windows Registry Analysis – Today's Episode: Tasks
- Mar 23, 2022 What the Pack(er)?
- Feb 22, 2022 A Chapter Closes
- Nov 15, 2021 Guess who's back
- Aug 31, 2020 Trickbot rdpscanDll – Transforming Candidate Credentials for Brute-Forcing RDP Servers
- Mar 22, 2019 Using IDA Python to analyze Trickbot
- Nov 12, 2018 Dissecting GandCrab Version 4.3
- Sep 21, 2018 One framework to build them all, one framework to name them, and in their IDBs to bind them
- Mar 28, 2018 Dissecting Olympic Destroyer – a walk-through
- Feb 13, 2018 In debt to Retpoline
- Jan 05, 2018 Behind the scenes of a bug collision
- Nov 27, 2017 Emotet drops ZeuS Panda targeting German and Austrian online banking users
- Oct 12, 2017 Emotet harvests Microsoft Outlook
- Aug 30, 2017 DGA classification and detection for automated malware analysis
- Aug 03, 2017 Zeus Panda: Down To The Roots
- Jul 28, 2017 Negative Result: Reading Kernel Memory From User Mode
- Jul 25, 2017 Statistics and Infosec
- Jul 18, 2017 New cache architecture on Intel I9 and Skylake server: An initial assessment
- Mar 13, 2017 Zeus Panda Webinjects: Don't trust your eyes
- Mar 02, 2017 Security for Sale? – On Security Research Funding in Europe
- Mar 02, 2017 MASScan & the Problems of Static Detection of Microarchitectural attacks
- Feb 03, 2017 Zeus Panda Webinjects: a case study
- Dec 15, 2016 The Kings In Your Castle Part 5: APT correlation and do-it-yourself threat research
- Dec 05, 2016 The Kings In Your Castle Part 4: Packers, Crypters and a Pack of RATs
- Nov 14, 2016 The Kings In Your Castle Part 3: Ssdeep being fuzzy while exploits are being scarce
- Oct 31, 2016 The Kings In Your Castle Part 2: Dataset and feature extraction
- Oct 25, 2016 Micro architecture attacks on KASLR
- Oct 12, 2016 The Kings In Your Castle Part 1
- Sep 27, 2016 Covert Shotgun
- Aug 01, 2016 Two covert channels
- Jul 29, 2016 BlackHoodie #2 – We roll again :)
- Jun 27, 2016 Row hammer the short summary
- Jun 16, 2016 Cache side channel attacks: CPU Design as a security problem
- Jun 14, 2016 BlackHoodie and what came after
- Apr 18, 2016 Presenting PeNet: a native .NET library for analyzing PE Headers with PowerShell
- Mar 04, 2016 G DATA ADAN at WKÖ eDay:16 in Vienna
- Mar 02, 2016 Cyber? WTF!