Posts by Category
Research
B2B Guest access: Tracking an upcoming attack vector
A technical deep dive into how B2B guest invites in Microsoft Teams can be detected, traced, and contained.
Reverse engineering canary tokens to reveal the callback tripwire.
Explores how Canarytokens leverage Authenticode certificates to embed an OCSP/CRL callback beacon.
Varalyze
Varalyze is a threat intelligence tool suite that combines a diverse range of web-based applications into one seamles...
MDE Live response file extraction script
Powershell script to safely extract potentially malicious files from an endpoint by combining 7-Zip and MDE's live re...
CTF Writeup
MetaCTF: Flash CTF
CTF writeups for two of the challenges in the MetaCTF that was hosted on the 27/03.
PicoCTF: Picker I/II/III/IV {Medium} {Reverse engineering & Binary exploit}
Walkthrough for the Picker I/II/III/IV series that consist of three reverse engineering and one binary exploit challe...
PicoCTF: Who are you? {Medium} {Web exploitation}
Writeup for the picoCTF Who are you? challenge in the web exploit category.
Malware Analysis
KoiStealer Analysis: Initial loader to credential exfiltration
KoiStealer is a info-stealer malware delivered via phishing campaigns, designed to exfiltrate browser credentials and...
Unpacking brbbot: Dissecting a persistent, covert botnet malware.
Analysis of the 'brbbot' botnet malware that allows attackers access to infected systems through C2 communication.