DMFR SECURITY

another security blog…

Category: forensics

100 Days of YARA – Day 4: Identifying Mach-O Files and Java Classes

Posted December 23, 2021 by Daniel in 100 days of Yara, forensics, incident response, malware

Detect Mach-O binaries with YARA.

100 Days of YARA – Day 1: Basics

Posted December 20, 2021 by Daniel in 100 days of Yara, forensics, incident response, malware

Getting started with YARA.

YARA Rules Index

Posted December 20, 2021 (updated January 5, 2022) by Daniel in 100 days of Yara, forensics, incident response, malware

YARA Rules Index

Malicious LNK Files

Posted September 8, 2021 by Daniel in forensics, incident response, malware, persistence, PowerShell, windows

Malicious LNK files.

picoCTF 2019 shark on wire 2 Writeup

Posted September 5, 2021 by Daniel in CTF, forensics

picoCTF 2019 shark on wire 2 Writeup

picoCTF 2019 shark on wire 1 Writeup

Posted September 5, 2021 by Daniel in CTF, forensics

picoCTF 2019 shark on wire 1 Writeup

picoCTF WebNet1 Writeup

Posted September 4, 2021 by Daniel in CTF, forensics, Uncategorized

picoCTF 2019 WebNet1 Writeup

picoCTF 2019 WebNet0 Writeup

Posted September 4, 2021 by Daniel in CTF, forensics

picoCTF 2019 WebNet0 Writeup

Get-ChildItem Performance

Posted August 23, 2021 by Daniel in forensics, incident response, PowerShell, windows

I was writing some PowerShell scripts to scan disks for certain types of malware and realized that Get-ChildItem was kind of slow. I googled around and found this site which demonstrated using robocopy.exe and dir as faster alternatives to Get-ChildItem. Here were the results I had searching for LNK files on my disk using both …
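The excerpt compares Get-ChildItem against robocopy.exe and dir but the measurements themselves are not on this page. The script below is an added example, not code from the post: it times all three approaches on one root directory from PowerShell and then checks that the two external tools return the same set of paths as Get-ChildItem, since a faster sweep that silently misses files is useless for a malware hunt. $Root, the function names and the robocopy scratch directory are assumptions for the illustration.

```powershell
# Added example, not code from the original post: time three ways of sweeping a
# directory tree for .lnk files from PowerShell. $Root, the function names and
# the scratch directory are assumptions; point $Root at the tree you want.
$Root = 'C:\Users'

function Find-LnkWithGci {
    param([string]$Path)
    # -Filter is applied by the filesystem provider (far cheaper than -Include),
    # -Force includes hidden and system files, where persistence LNKs tend to
    # sit, and SilentlyContinue skips access-denied directories instead of
    # aborting the whole sweep.
    Get-ChildItem -Path $Path -Filter '*.lnk' -Recurse -File -Force -ErrorAction SilentlyContinue |
        Select-Object -ExpandProperty FullName
}

function Find-LnkWithDir {
    param([string]$Path)
    # cmd.exe dir: /s recurse, /b bare full paths, /a-d every non-directory
    # entry (this also surfaces hidden and system files, which plain dir omits).
    $pattern = Join-Path $Path '*.lnk'
    & cmd.exe /c dir /s /b /a-d "$pattern" 2>$null
}

function Find-LnkWithRobocopy {
    param([string]$Path)
    # /L lists without copying; /S recurses; /XJ skips junctions and reparse
    # points so a mount-point loop cannot hang the sweep; /NJH /NJS /NC /NS /NDL
    # strip header, summary, class, size and directory lines so only full paths
    # (/FP) remain; /R:0 /W:0 disables retries on locked files. Robocopy still
    # requires a destination argument, so hand it a scratch directory that
    # already exists (assumed location under $env:TEMP).
    $scratch = Join-Path $env:TEMP 'robocopy-list-only'
    New-Item -ItemType Directory -Path $scratch -Force | Out-Null
    & robocopy.exe $Path $scratch '*.lnk' /L /S /XJ /NJH /NJS /NC /NS /NDL /FP /R:0 /W:0 |
        ForEach-Object { $_.Trim() } |
        Where-Object { $_ -ne '' }
}

$methods = 'Find-LnkWithGci', 'Find-LnkWithDir', 'Find-LnkWithRobocopy'
$found   = @{}
$timing  = foreach ($m in $methods) {
    # Stopwatch rather than Measure-Command so the result array stays in this scope.
    $sw = [System.Diagnostics.Stopwatch]::StartNew()
    $found[$m] = @(& $m -Path $Root)
    $sw.Stop()
    [pscustomobject]@{
        Method  = $m
        Files   = $found[$m].Count
        Seconds = [math]::Round($sw.Elapsed.TotalSeconds, 2)
    }
}
$timing | Format-Table -AutoSize

# Speed is worthless if the faster tool misses files: compare each external
# tool's path set against Get-ChildItem (case-insensitive, as NTFS is).
$cmp = [System.StringComparer]::OrdinalIgnoreCase
$ref = [System.Collections.Generic.HashSet[string]]::new([string[]]$found['Find-LnkWithGci'], $cmp)
foreach ($m in $methods[1..2]) {
    $other  = [System.Collections.Generic.HashSet[string]]::new([string[]]$found[$m], $cmp)
    $missed = @($ref   | Where-Object { -not $other.Contains($_) })
    $extra  = @($other | Where-Object { -not $ref.Contains($_) })
    if ($missed.Count -or $extra.Count) {
        Write-Warning "$m disagrees with Get-ChildItem: $($missed.Count) missed, $($extra.Count) extra"
        $missed | ForEach-Object { Write-Warning "  missed: $_" }
        $extra  | ForEach-Object { Write-Warning "  extra:  $_" }
    }
}
```

Run it from an elevated console if $Root is a whole volume, otherwise access-denied directories skew both the timings and the comparison. Two practical caveats: dir and robocopy hand back plain strings rather than FileInfo objects, so any per-file work you do afterwards (Get-Item, hashing, LNK parsing) is an extra cost that Get-ChildItem had already paid; and cmd.exe's dir emits file names in the console code page, so non-ASCII paths can come back mangled unless you switch the code page before comparing.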


Installing OLE Tools on Windows

Posted August 23, 2021 by Daniel in CTF, forensics, malware, windows

Installing OLE Tools on Windows

Finding Processes With Suspicious CWD Using procfs

Posted February 27, 2021 by Daniel in CTF, forensics, incident response, Linux, malware

Find malware running from temporary directories using procfs.

Finding Masquerading Processes With procfs

Posted February 27, 2021 (updated April 4, 2021) by Daniel in CTF, forensics, incident response, Linux, malware

Find masquerading processes using procfs.



Blog at WordPress.com.