ZydisInfo – the disassembler that breaks the code, twice The moment I heard of machine code and its opcodes… I fell in love. Being able to understand mac... 2023-9-28 06:38:17 | 阅读: 19 | 收藏 | Hexacorn - www.hexacorn.com opcodes zydisinfo machine joel surprise

The hidden side of 24/7/365 – The dreadful APAC shift It’s easy to say ‘we follow the Sun’ or ‘we deliver that 24/7/365 service’. The story doesn’t en... 2023-9-24 06:58:16 | 阅读: 15 | 收藏 | Hexacorn - www.hexacorn.com apac night emea regional norm

Using OSINT skills for your own protection… This is probably the most unusual blog post I have ever written here… Oh, well…—TL;DR; M... 2023-9-23 06:48:48 | 阅读: 14 | 收藏 | Hexacorn - www.hexacorn.com hotel booking bypass booked refund

Documenting the undocumented – Excel’s SaveAs method… A few days ago kernelv0id asked about an undocumented Excel format that he observed being u... 2023-9-22 06:37:46 | 阅读: 11 | 收藏 | Hexacorn - www.hexacorn.com saveas malicious fileformat surprise

Analysing NSRL data set for fun and because… curious, Part 3 Nearly two years ago I published a quick summary of my analysis of NSRL data. I believe I was th... 2023-9-17 06:11:55 | 阅读: 13 | 收藏 | Hexacorn - www.hexacorn.com dwarf nsrl crc32 rds file2

Lolbins for connoisseurs… Part 2 It may sound a bit counterintuitive, but some very known lolbins often make it to places th... 2023-9-9 08:9:28 | 阅读: 12 | 收藏 | Hexacorn - www.hexacorn.com instmsiw ffmpeg instmsia jre runxx

The secret of 961c151d2e87f2686a955a9be24d316f1362bf21 A recently came across a sample that included the following, mysterious string:961c151d... 2023-9-4 02:0:4 | 阅读: 27 | 收藏 | Hexacorn - www.hexacorn.com digit hashed lessons niels revealing

Writing better Yara rules in 2023… In my previous post I mused about an impossible task – how to consolidate a large, unorganized y... 2023-8-26 08:15:33 | 阅读: 16 | 收藏 | Hexacorn - www.hexacorn.com imports mz windows 0x3c mscoree

Lolbins for connoisseurs… We are all quite fixated on a purity of lolbins. Best if it is a hidden/undocumented/unexpe... 2023-8-26 07:5:18 | 阅读: 8 | 收藏 | Hexacorn - www.hexacorn.com 7z 7za updater aunsoft software

How to start your own threat intel company? July 14, 2023 in Preaching, Threat Intellige... 2023-7-15 07:34:32 | 阅读: 24 | 收藏 | Hexacorn - www.hexacorn.com leveraging security purchasing analysis cloud

Enter Sandbox 27: Account creation July 13, 2023 in Sandboxing... 2023-7-14 07:36:15 | 阅读: 20 | 收藏 | Hexacorn - www.hexacorn.com apilog invocations rg consuming insensitive

The myth of “knowing your org” -> know_your_org.docx The cyber consulting world delivers a lot of useful security work. They do workshops, tr... 2023-6-23 07:54:19 | 阅读: 11 | 收藏 | Hexacorn - www.hexacorn.com network consulting security cloud budget

Mitre Att&ck – from JSON to CSV June 14, 2023 in Mitre Att&ck, Software Rele... 2023-6-15 07:21:58 | 阅读: 25 | 收藏 | Hexacorn - www.hexacorn.com converting crime beautifiers analysis software

Perl and Python Scripting Templates… One of the most important (basic) technical skills in cybersecurity are:Knowing Exce... 2023-6-10 07:33:10 | 阅读: 24 | 收藏 | Hexacorn - www.hexacorn.com python perl dirty spit admit

This LOLBIN doesn’t exist… June 7, 2023 in LOLBins... 2023-6-8 05:54:4 | 阅读: 19 | 收藏 | Hexacorn - www.hexacorn.com winamp rundll32 rundll

Analyzing nested, obfuscated PHP files… Many PHP webshells are encrypted, encoded, obfuscated in many different ways, but most u... 2023-6-4 06:7:18 | 阅读: 31 | 收藏 | Hexacorn - www.hexacorn.com php nf decoded webshells sg

Analysing PS2EXE executables… June 1, 2023 in Malware Analysis... 2023-6-2 06:52:56 | 阅读: 29 | 收藏 | Hexacorn - www.hexacorn.com ps2exe powershell recognize heavily aim

DeXRAY, DFIR, and the art of ambulance chasing… Pretty much all of my DeXRAY posts ever published been focusing on new versions of this... 2023-5-24 06:56:8 | 阅读: 18 | 收藏 | Hexacorn - www.hexacorn.com security refers quarantined software dfir

Blue teaming – it’s DATa complicated… May 17, 2023 in Security Logs... 2023-5-18 06:57:44 | 阅读: 19 | 收藏 | Hexacorn - www.hexacorn.com encodings security perl logsaws guardduty

Da Li’L World of DLL Exports and Entry Points, Part 6 May 12, 2023 in Archaeology, DLL Analysis... 2023-5-13 06:50:39 | 阅读: 29 | 收藏 | Hexacorn - www.hexacorn.com rundll32 malicious combos gegl software