1 little known secret of regsvr32.exe, take two There is an archaic feature that regsvr32.exe leverages to autoregister libraries associate... 2023-12-27 08:9:35 | 阅读: 14 | 收藏 | Hexacorn - www.hexacorn.com txtfile library regsvr32 dllmain

1 little known secret of runonce.exe (32-bit) When you execute 32-bit version of runonce.exe on a 64-bit version of Windows and pass to i... 2023-12-26 23:22:47 | 阅读: 10 | 收藏 | Hexacorn - www.hexacorn.com iernonce library runonce loaded

1 little known secret of regsvr32.exe The little known secret of regsvr32.exe is…You ready?You can load multiple DLLs at... 2023-12-26 06:23:50 | 阅读: 28 | 收藏 | Hexacorn - www.hexacorn.com hhctrl ocx regsvr32 windows yup

2 less known secrets of Windows command command-driven line tools… Many Windows tools support commands f.ex.:reg.exe – QUERY, ADD, DELETE, COPY, SAVE, RE... 2023-12-25 19:15:35 | 阅读: 10 | 收藏 | Hexacorn - www.hexacorn.com identical detections getkeyname

Copyright banners – re-visited Over a decade ago I posted some random copyright banner stats from my (relatively small by... 2023-12-19 08:52:9 | 阅读: 14 | 收藏 | Hexacorn - www.hexacorn.com banners xmrig llc jean adler

Custom Install Path & portability issues If you’ve been reading my blog for a while now you will know that I love to challenge my threat... 2023-12-14 08:8:10 | 阅读: 11 | 收藏 | Hexacorn - www.hexacorn.com niauth instruments software labview ni

Proof of life… ‘Blade Runner’ – the cult classic movie – teaches us that the (non-)human traits/behaviors can b... 2023-12-2 08:6:39 | 阅读: 10 | 收藏 | Hexacorn - www.hexacorn.com software download telemetry producing

File System artifacts for known security software Inspired by Phill Moore’s new project called Ruler, I combed my collection of all old Hijac... 2023-11-26 18:59:37 | 阅读: 10 | 收藏 | Hexacorn - www.hexacorn.com phill hijackthis ruler progressive rebranding

Looking for the randomness in the most non-AI/ML way… Here’s an old-school file name-based research… it is not game changing, it won’t bring any immed... 2023-11-25 08:27:57 | 阅读: 12 | 收藏 | Hexacorn - www.hexacorn.com infixes 5m icreinstall regexes immediate

The world of partially downloaded files… Anytime you download a file via a browser, instant messenger, or other apps… it is first sa... 2023-11-23 07:23:3 | 阅读: 7 | 收藏 | Hexacorn - www.hexacorn.com download microsoft instant messenger brave

Lolbins for connoisseurs… Part 3 I love exploring unexplored software paths. And not necessarily on the assembly level – and that... 2023-11-16 06:52:24 | 阅读: 7 | 收藏 | Hexacorn - www.hexacorn.com software portablegit depthai mingw64

Who am I? Asking for my file friend: whoami.exe… There is a lot talk about whoami.exe recently, so here’s one more post about it…When we talk... 2023-11-12 07:28:40 | 阅读: 18 | 收藏 | Hexacorn - www.hexacorn.com whoami windows winsxs microsoft

Email domains AD 2023 Back in a day (90s/2000s), if you wanted an email, there were lots of (free) email providers ava... 2023-11-4 07:21:29 | 阅读: 52 | 收藏 | Hexacorn - www.hexacorn.com yahoo hotmail rr nl jp

Beyond the good ol’ .bashrc entry… Part 3 UpdateAfter I posted it, @netspooky pinged me with some additional info. Apparently, th... 2023-10-29 05:15:23 | 阅读: 15 | 收藏 | Hexacorn - www.hexacorn.com stephan apparently oriented autostart nodisplay

Beyond the good ol’ .bashrc entry… Part 2 Okay, okay, yup, it is a series now. Part two is here!Browsing available Ubuntu apps on... 2023-10-28 06:21:47 | 阅读: 13 | 收藏 | Hexacorn - www.hexacorn.com chm kchmviewer okay yup horrible

Hunting for Windows API prototypes and descriptions… Over the years I have made a lot of attempts to systematically extract Windows API information f... 2023-10-26 07:49:37 | 阅读: 22 | 收藏 | Hexacorn - www.hexacorn.com windows microsoft par kinda createfile

Mapping Chrome extension IDs to their names, Part 2 Nearly 2 years ago I published the first part, so it’s time for a quick update. And thi... 2023-10-21 06:19:51 | 阅读: 12 | 收藏 | Hexacorn - www.hexacorn.com publishing

What Champagne to drink? Reading articles about criminals enjoying (I really hope they are not just flexing) drinking the... 2023-10-18 06:49:54 | 阅读: 12 | 收藏 | Hexacorn - www.hexacorn.com champagne pérignon vintage drinking favorite

Dexray v2.33 Even in 2023 Dexray seems to be delivering value to DFIR practitioners. I am always very hu... 2023-10-14 06:43:54 | 阅读: 5 | 收藏 | Hexacorn - www.hexacorn.com dexray quarantined humbled perl security

Beyond the good ol’ .bashrc entry… Part 1 I really don’t know if this is the first post in the series, or just a one-off that is also, the... 2023-9-30 07:18:54 | 阅读: 11 | 收藏 | Hexacorn - www.hexacorn.com dconf windows footprint cousin