Recent posts
CanaryTokens: Reverse engineering .exe CanaryTokens to reveal the callback tripwire.
Explores how Canarytokens leverage Authenticode certificates to embed an OCSP/CRL callback beacon.
KoiStealer Analysis: Initial loader to credential exfiltration
KoiStealer is an info-stealer delivered via phishing campaigns, designed to exfiltrate browser credentials and...
Unpacking brbbot: Dissecting a persistent, covert botnet malware.
Analysis of the 'brbbot' botnet malware that allows attackers access to infected systems through C2 communication.
Varalyze
Varalyze is a threat intelligence tool suite that combines a diverse range of web-based applications into one seamles...
MetaCTF: Flash CTF
CTF writeups for two of the challenges in the MetaCTF that was hosted on 27/03.
PicoCTF: Picker I/II/III/IV {Medium} {Reverse engineering & Binary exploit}
Walkthrough for the Picker I/II/III/IV series, which consists of three reverse engineering and one binary exploit challe...
PicoCTF: Who are you? {Medium} {Web exploitation}
Writeup for the picoCTF Who are you? challenge in the web exploit category.
MDE Live response file extraction script
PowerShell script to safely extract potentially malicious files from an endpoint by combining 7-Zip and MDE's live re...