Category List

  • 4n6 (1)
  • Bindiff (1)
  • BlackHoodie reverse engineering workshop (1)
  • Emotet (4)
  • Europe (1)
  • MASScan (1)
  • banking (4)
  • beacon (1)
  • binary analysis (1)
  • botnet (1)
  • brute (1)
  • bruteforce (1)
  • c2 (1)
  • cobaltstrike (1)
  • cve-2024-21754 (1)
  • cves (1)
  • de4dot (1)
  • destructive (3)
  • dll (1)
  • dotnet (2)
  • firewall (1)
  • force (1)
  • forensics (2)
  • fortinet (1)
  • funding (1)
  • iot (3)
  • javascript (2)
  • logs (1)
  • malware (11)
  • memory (1)
  • netreactor (1)
  • packer (1)
  • panda (2)
  • policy (1)
  • pyarmor (1)
  • python (1)
  • qakbot (1)
  • qiling (3)
  • rat (1)
  • rdp (1)
  • rdpscan (1)
  • rdpscandll (1)
  • registry (1)
  • reversing (1)
  • review (1)
  • scan (1)
  • scyllahide (1)
  • security research (3)
  • suricata (1)
  • systembc (1)
  • takedown (1)
  • tasks (1)
  • trickbot (2)
  • trickster (1)
  • trojan (5)
  • unpacking (2)
  • vmdk (1)
  • vmprotect (1)
  • vmware (1)
  • web (1)
  • webinject (3)
  • whitepaper (1)
  • windows (1)
  • wiper (3)
  • zeus (3)
  • zeus panda (2)

4n6

  • Detection of Command and Control Traffic Using Suricata

Bindiff

  • One framework to build them all, one framework to name them, and in their IDBs to bind them

BlackHoodie reverse engineering workshop

  • BlackHoodie and what came after

Emotet

  • What the Pack(er)?
  • Guess who's back
  • Emotet drops ZeuS Panda targeting German and Austrian online banking users
  • Emotet harvests Microsoft Outlook

Europe

  • Security for Sale? – On Security Research Funding in Europe

MASScan

  • MASScan & the Problems of Static Detection of Microarchitectural attacks

banking

  • Emotet drops ZeuS Panda targeting German and Austrian online banking users
  • Zeus Panda: Down To The Roots
  • Zeus Panda Webinjects: Don't trust your eyes
  • Zeus Panda Webinjects: a case study

beacon

  • Config Extraction from in-memory CobaltStrike Beacons

binary analysis

  • One framework to build them all, one framework to name them, and in their IDBs to bind them

botnet

  • QakBot Takedown Payload Analysis

brute

  • Trickbot rdpscanDll – Transforming Candidate Credentials for Brute-Forcing RDP Servers

bruteforce

  • Trickbot rdpscanDll – Transforming Candidate Credentials for Brute-Forcing RDP Servers

c2

  • Detection of Command and Control Traffic Using Suricata

cobaltstrike

  • Config Extraction from in-memory CobaltStrike Beacons

cve-2024-21754

  • Give Me Your FortiGate Configuration Backup and I Rule Your Network

cves

  • Harvesting the Database - 5 CVEs in TOPqw Webportal

de4dot

  • .NET Deobfuscation

destructive

  • Destructive IoT Malware Emulation – Part 3 of 3 – Statistics
  • Destructive IoT Malware Emulation – Part 2 of 3 – Hooking Techniques
  • Destructive IoT Malware Emulation – Part 1 of 3 – Environment Setup

dll

  • Trickbot rdpscanDll – Transforming Candidate Credentials for Brute-Forcing RDP Servers

dotnet

  • .NET Deobfuscation
  • The csharp-streamer RAT

firewall

  • Parsing Fortinet Binary Firewall Logs

force

  • Trickbot rdpscanDll – Transforming Candidate Credentials for Brute-Forcing RDP Servers

forensics

  • Recovering data from broken appliance VMDKs
  • Config Extraction from in-memory CobaltStrike Beacons

fortinet

  • Give Me Your FortiGate Configuration Backup and I Rule Your Network

funding

  • Security for Sale? – On Security Research Funding in Europe

iot

  • Destructive IoT Malware Emulation – Part 3 of 3 – Statistics
  • Destructive IoT Malware Emulation – Part 2 of 3 – Hooking Techniques
  • Destructive IoT Malware Emulation – Part 1 of 3 – Environment Setup

javascript

  • Zeus Panda Webinjects: Don't trust your eyes
  • Zeus Panda Webinjects: a case study

logs

  • Parsing Fortinet Binary Firewall Logs

malware

  • Unpacking Pyarmor v8+ scripts
  • Destructive IoT Malware Emulation – Part 3 of 3 – Statistics
  • Destructive IoT Malware Emulation – Part 2 of 3 – Hooking Techniques
  • Destructive IoT Malware Emulation – Part 1 of 3 – Environment Setup
  • The csharp-streamer RAT
  • QakBot Takedown Payload Analysis
  • What the Pack(er)?
  • Guess who's back
  • Trickbot rdpscanDll – Transforming Candidate Credentials for Brute-Forcing RDP Servers
  • Emotet drops ZeuS Panda targeting German and Austrian online banking users
  • Zeus Panda: Down To The Roots

memory

  • Config Extraction from in-memory CobaltStrike Beacons

netreactor

  • .NET Deobfuscation

packer

  • Unpacking Pyarmor v8+ scripts

panda

  • Zeus Panda: Down To The Roots
  • Zeus Panda Webinjects: a case study

policy

  • Security for Sale? – On Security Research Funding in Europe

pyarmor

  • Unpacking Pyarmor v8+ scripts

python

  • Unpacking Pyarmor v8+ scripts

qakbot

  • QakBot Takedown Payload Analysis

qiling

  • Destructive IoT Malware Emulation – Part 3 of 3 – Statistics
  • Destructive IoT Malware Emulation – Part 2 of 3 – Hooking Techniques
  • Destructive IoT Malware Emulation – Part 1 of 3 – Environment Setup

rat

  • The csharp-streamer RAT

rdp

  • Trickbot rdpscanDll – Transforming Candidate Credentials for Brute-Forcing RDP Servers

rdpscan

  • Trickbot rdpscanDll – Transforming Candidate Credentials for Brute-Forcing RDP Servers

rdpscandll

  • Trickbot rdpscanDll – Transforming Candidate Credentials for Brute-Forcing RDP Servers

registry

  • Windows Registry Analysis – Today's Episode: Tasks

reversing

  • Parsing Fortinet Binary Firewall Logs

review

  • MASScan & the Problems of Static Detection of Microarchitectural attacks

scan

  • Trickbot rdpscanDll – Transforming Candidate Credentials for Brute-Forcing RDP Servers

scyllahide

  • Defeating VMProtect's Latest Tricks

security research

  • Emotet drops ZeuS Panda targeting German and Austrian online banking users
  • Emotet harvests Microsoft Outlook
  • Security for Sale? – On Security Research Funding in Europe

suricata

  • Detection of Command and Control Traffic Using Suricata

systembc

  • Defeating VMProtect's Latest Tricks

takedown

  • QakBot Takedown Payload Analysis

tasks

  • Windows Registry Analysis – Today's Episode: Tasks

trickbot

  • Guess who's back
  • Trickbot rdpscanDll – Transforming Candidate Credentials for Brute-Forcing RDP Servers

trickster

  • Trickbot rdpscanDll – Transforming Candidate Credentials for Brute-Forcing RDP Servers

trojan

  • Emotet drops ZeuS Panda targeting German and Austrian online banking users
  • Emotet harvests Microsoft Outlook
  • Zeus Panda: Down To The Roots
  • Zeus Panda Webinjects: Don't trust your eyes
  • Zeus Panda Webinjects: a case study

unpacking

  • Unpacking Pyarmor v8+ scripts
  • Defeating VMProtect's Latest Tricks

vmdk

  • Recovering data from broken appliance VMDKs

vmprotect

  • Defeating VMProtect's Latest Tricks

vmware

  • Recovering data from broken appliance VMDKs

web

  • Harvesting the Database - 5 CVEs in TOPqw Webportal

webinject

  • Emotet drops ZeuS Panda targeting German and Austrian online banking users
  • Zeus Panda Webinjects: Don't trust your eyes
  • Zeus Panda Webinjects: a case study

whitepaper

  • Zeus Panda: Down To The Roots

windows

  • Windows Registry Analysis – Today's Episode: Tasks

wiper

  • Destructive IoT Malware Emulation – Part 3 of 3 – Statistics
  • Destructive IoT Malware Emulation – Part 2 of 3 – Hooking Techniques
  • Destructive IoT Malware Emulation – Part 1 of 3 – Environment Setup

zeus

  • Emotet drops ZeuS Panda targeting German and Austrian online banking users
  • Zeus Panda: Down To The Roots
  • Zeus Panda Webinjects: a case study

zeus panda

  • Emotet drops ZeuS Panda targeting German and Austrian online banking users
  • Zeus Panda Webinjects: Don't trust your eyes
G DATA Advanced Analytics