Skip to content

DMFR SECURITY

another security blog…

Reviews
About

Search for:

Category: windows

100 Days of YARA – Day 24: Run Keys

On January 12, 2022December 31, 2021 By DanielIn 100 days of Yara, incident response, malware, persistence, windows1 Comment

Find samples containing registry run key pathways with YARA.

REVIEW: Reversing: Secrets of Reverse Engineering

On December 29, 2021 By DanielIn books, malware, reversing, reviews, windows1 Comment

Book review of Reversing: Secrets of Reverse Engineering.

REVIEW: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software

On December 29, 2021 By DanielIn books, malware, reversing, reviews, windows2 Comments

My review of Practical Malware Analysis.

Accessibility Features Persistence

On September 10, 2021 By DanielIn incident response, lolbins, persistence, windowsLeave a comment

Abusing Accessibility Features as a persistence mechanism.

Malicious LNK Files

On September 8, 2021 By DanielIn forensics, incident response, malware, persistence, PowerShell, windowsLeave a comment

Malicious LNK files.

Scheduled Task Persistence

On September 7, 2021 By DanielIn incident response, persistence, windowsLeave a comment

Some notes on finding malicious Scheduled Tasks.

Get-ChildItem Performance

On August 23, 2021 By DanielIn forensics, incident response, PowerShell, windowsLeave a comment

I was writing some PowerShell scripts to scan disks for certain types of malware and realized that Get-ChildItem was kind of slow. I googled around and found this site which demonstrated using robocopy.exe and dir as faster alternatives to Get-ChildItem. Here were the results I had searching for LNK files on my disk using both …

Continue reading Get-ChildItem Performance

Installing OLE Tools on Windows

On August 23, 2021 By DanielIn CTF, forensics, malware, windows1 Comment

Installing OLE Tools on Windows

REVIEW: RED TEAM Operator: Privilege Escalation in Windows Course by SEKTOR7 Institute

On May 16, 2021 By DanielIn pentesting, windows, malware, reviews1 Comment

This is my review of the RED TEAM Operator: Privilege Escalation in Windows course offered by SEKTOR7 Institute. As an affiliate, I make money with qualifying purchases. RED TEAM Operator: Privilege Escalation in Windows is a brief introduction to the subject. As with other offerings by SEKTOR7, this course expects that you know the basics of …

Continue reading REVIEW: RED TEAM Operator: Privilege Escalation in Windows Course by SEKTOR7 Institute

Remove Carriage Return (^M) Characters with Emacs

On May 14, 2021 By DanielIn emacs, windowsLeave a comment

Remove carriage return, Control-M (^M) Characters with Emacs.

REVIEW: RED TEAM Operator: Malware Development Intermediate Course by SEKTOR7 Institute

On May 13, 2021December 29, 2021 By DanielIn malware, pentesting, reviews, windowsLeave a comment

REVIEW: RED TEAM Operator: Malware Development Intermediate Course by SEKTOR7 Institute.

REVIEW: RED TEAM Operator: Windows Evasion Course by SEKTOR7 Institute

On May 8, 2021 By DanielIn incident response, malware, pentesting, reviews, windowsLeave a comment

REVIEW: RED TEAM Operator: Windows Evasion Course by SEKTOR7 Institute.

Posts navigation

Archives

February 2022 (12)
January 2022 (31)
December 2021 (15)
November 2021 (3)
October 2021 (7)
September 2021 (13)
August 2021 (13)
May 2021 (4)
April 2021 (23)
February 2021 (5)
January 2021 (6)
December 2020 (8)
February 2020 (2)
November 2019 (1)
October 2019 (2)
December 2018 (3)
July 2018 (1)
May 2017 (2)
April 2017 (5)
January 2017 (1)
December 2016 (4)

ascii assembler base64 binary C c++ cryptography CTF cyberchef ELF exiftool forensics golang hexadecimal hunting incident response java kali Linux malware netcat networking nmap pe pentesting persistence picoctf PowerShell procfs programming Python ransomware reversing reviews security shellcode shell scripting ssh steganography strings web win32 windows wireshark yara

Blog at WordPress.com.

Blog at WordPress.com.

Follow Following
- DMFR SECURITY
- Already have a WordPress.com account? Log in now.

Loading Comments...

Write a Comment...

Email (Required)

Name (Required)

Website