Recently, I have been making efforts to learn more about reverse engineering malware. Here are some of the notes that I've taken to reinforce my learning. I am not a complete novice at working with malware, but I am by no means an expert. You have been warned. What is Reverse Engineering? Reverse engineering is …
Tag: malware
Malicious LNK Files
Malicious LNK files.
Cron Persistence
All about cron persistence
REVIEW: RED TEAM Operator: Malware Development Intermediate Course by SEKTOR7 Institute
REVIEW: RED TEAM Operator: Malware Development Intermediate Course by SEKTOR7 Institute.
REVIEW: RED TEAM Operator: Windows Evasion Course by SEKTOR7 Institute
REVIEW: RED TEAM Operator: Windows Evasion Course by SEKTOR7 Institute.
Enumerating Modules with CreateToolhelp32Snapshot
Enumerate modules with CreateToolhelp32Snapshot.
Installing CyberChef Locally on Ubuntu 20.04
I use CyberChef daily for malware analysis, programming, and CTF challenges. Installing CyberChef locally can be handy for general privacy and OPSEC reasons. A local installation also works without internet connectivity. The main drawback of using CyberChef locally is that sharing recipes and data you have decoded with your teammates isn't as straightforward as copying …
Continue reading Installing CyberChef Locally on Ubuntu 20.04
Enumerating Processes with CreateToolhelp32Snapshot
Quick and dirty example of process enumeration using CreateToolhelp32Snapshot
Enumerating Processes with WTSEnumerateProcesses
Quick example of using WTSEnumerateProcesses to enumerate processes running on a Windows machine.
Finding Processes With Suspicious CWD Using procfs
Find malware running from temporary directories using procfs.
Finding Masquerading Processes With procfs
Find masquerading processes using procfs.
Toggling Chrome Safe Browsing
Toggle Safe Browsing in Google Chrome.
DMFR SECURITY 