Find samples containing registry run key pathways with YARA.
Book review of Reversing: Secrets of Reverse Engineering.
My review of Practical Malware Analysis.
Detect applications utilizing WinSock with YARA.
Find PE files with YARA.
Abusing Accessibility Features as a persistence mechanism.
Malicious LNK files.
Some notes on finding malicious Scheduled Tasks.
I was writing some PowerShell scripts to scan disks for certain types of malware and realized that Get-ChildItem was kind of slow. I googled around and found this site which demonstrated using robocopy.exe and dir as faster alternatives to Get-ChildItem. Here were the results I had searching for LNK files on my disk using both …
Installing OLE Tools on Windows
This is my review of the RED TEAM Operator: Privilege Escalation in Windows course offered by SEKTOR7 Institute. As an affiliate, I make money with qualifying purchases. RED TEAM Operator: Privilege Escalation in Windows is a brief introduction to the subject. As with other offerings by SEKTOR7, this course expects that you know the basics of …
Remove carriage return, Control-M (^M) Characters with Emacs.