Date Author Title
2024-08-26Xavier MertensFrom Highly Obfuscated Batch File to XWorm and Redline
2024-05-22Rob VandenBrinkNMAP Scanning without Scanning (Part 2) - The ipinfo API
2024-03-28Xavier MertensFrom JavaScript to AsyncRAT
2024-02-21Jan KoprivaPhishing pages hosted on archive.org
2024-01-12Xavier MertensOne File, Two Payloads
2023-11-17Jan KoprivaPhishing page with trivial anti-analysis features
2023-08-23Xavier MertensMore Exotic Excel Files Dropping AgentTesla
2023-05-20Xavier MertensPhishing Kit Collecting Victim's IP Address
2022-11-04Xavier MertensRemcos Downloader with Unicode Obfuscation
2022-08-11Xavier MertensInfoStealer Script Based on Curl and NSudo
2022-06-16Xavier MertensHoudini is Back Delivered Through a JavaScript Dropper
2022-06-01Jan KoprivaHTML phishing attachments - now with anti-analysis features
2022-05-09Xavier MertensOctopus Backdoor is Back with a New Embedded Obfuscated Bat File
2022-01-18Jan KoprivaPhishing e-mail with...an advertisement?
2022-01-04Xavier MertensA Simple Batch File That Blocks People
2021-11-18Xavier MertensJavaScript Downloader Delivers Agent Tesla Trojan
2021-10-21Brad Duncan"Stolen Images Evidence" campaign pushes Sliver-based malware
2021-09-17Xavier MertensMalicious Calendar Subscriptions Are Back?
2021-05-28Xavier MertensMalicious PowerShell Hosted on script.google.com
2021-05-22Xavier Mertens"Serverless" Phishing Campaign
2021-05-18Xavier MertensFrom RunDLL32 to JavaScript then PowerShell
2021-04-28Xavier MertensDeeper Analyzis of my Last Malicious PowerPoint Add-On
2021-03-19Xavier MertensPastebin.com Used As a Simple C2 Channel
2020-11-13Xavier MertensOld Worm But New Obfuscation Technique
2020-11-09Xavier MertensHow Attackers Brush Up Their Malicious Scripts
2020-07-24Xavier MertensCompromized Desktop Applications by Web Technologies
2020-06-11Xavier MertensAnti-Debugging JavaScript Techniques
2020-06-08Didier StevensTranslating BASE64 Obfuscated Scripts
2020-05-08Xavier MertensUsing Nmap As a Lightweight Vulnerability Scanner
2020-03-27Xavier MertensMalicious JavaScript Dropping Payload in the Registry
2020-02-22Xavier MertensSimple but Efficient VBScript Obfuscation
2020-02-07Xavier MertensSandbox Detection Tricks & Nice Obfuscation in a Single VBScript
2019-09-26Rob VandenBrinkMining MAC Address and OUI Information
2019-08-30Xavier MertensMalware Dropping a Local Node.js Instance
2019-08-22Xavier MertensSimple Mimikatz & RDPWrapper Dropper
2019-08-09Xavier Mertens100% JavaScript Phishing Page
2019-06-10Xavier MertensInteresting JavaScript Obfuscation Example
2019-02-21Xavier MertensSimple Powershell Keyloggers are Back
2019-02-07Xavier Mertens Phishing Kit with JavaScript Keylogger
2018-07-13Xavier MertensCryptominer Delivered Though Compromized JavaScript File
2018-06-19Xavier MertensPowerShell: ScriptBlock Logging... Or Not?
2018-06-18Xavier MertensMalicious JavaScript Targeting Mobile Browsers
2018-05-01Xavier MertensDiving into a Simple Maldoc Generator
2017-07-08Xavier MertensA VBScript with Obfuscated Base64 Data
2017-06-22Xavier MertensObfuscating without XOR
2017-03-24Xavier MertensNicely Obfuscated JavaScript Sample
2017-03-04Xavier MertensHow your pictures may affect your website reputation
2017-02-12Xavier MertensAnalysis of a Suspicious Piece of JavaScript
2017-02-02Rick WannerMultiple vulnerabilities discovered in popular printer models
2016-12-13Xavier MertensUAC Bypass in JScript Dropper
2016-08-28Guy BruneauSpam with Obfuscated Javascript
2016-06-18Rob VandenBrinkControlling JavaScript Malware Before it Runs
2016-02-20Didier StevensLocky: JavaScript Deobfuscation
2016-02-07Xavier MertensMore Malicious JavaScript Obfuscation
2016-01-15Xavier MertensJavaScript Deobfuscation Tool
2015-08-07Tony CarothersCritical Firefox Update Today
2015-03-12Johannes UllrichWho got the bad SSL Certificate? Using tshark to analyze the SSL handshake.
2014-08-29Johannes UllrichFalse Positive or Not? Difficult to Analyze Javascript
2014-08-12Adrien de BeaupreHost discovery with nmap
2014-07-02Johannes UllrichSimple Javascript Extortion Scheme Advertised via Bing
2014-01-17Russ McReeMassive RFI scans likely a free web app vuln scanner rather than bots
2013-11-04Manuel Humberto Santander PelaezWhen attackers use your DNS to check for the sites you are visiting
2013-08-07Johannes UllrichFirefox 23 and Mixed Active Content
2013-07-20Manuel Humberto Santander PelaezDo you have rogue Internet gateways in your network? Check it with nmap
2013-07-01Manuel Humberto Santander PelaezUsing nmap scripts to enhance vulnerability asessment results
2013-04-23Russ McReeMicrosoft's Security Intelligence Report (SIRv14) released
2013-02-11John BambenekIs This Chinese Registrar Really Trying to XSS Me?
2013-02-08Kevin ShorttIs it Spam or Is it Malware?
2013-02-04Russ McReeAn expose of a recent SANS GIAC XSS vulnerability
2013-01-30Richard PorterGetting Involved with the Local Community
2013-01-25Johannes UllrichVulnerability Scans via Search Engines (Request for Logs)
2012-08-16Johannes UllrichA Poor Man's DNS Anomaly Detection Script
2012-06-25Guy BruneauUsing JSDetox to Analyze and Deobfuscate Javascript
2012-05-22Johannes Ullrichnmap 6 released
2012-04-25Daniel WesemannBlacole's obfuscated JavaScript
2012-01-22Johannes UllrichJavascript DDoS Tool Analysis
2012-01-12Rob VandenBrinkStuff I Learned Scripting - Fun with STDERR
2012-01-03Bojan ZdrnjaThe tale of obfuscated JavaScript continues
2011-12-07Lenny ZeltserV8 as an Alternative to SpiderMonkey for JavaScript Deobfuscation
2011-11-10Rob VandenBrinkStuff I Learned Scripting - - Parsing XML in a One-Liner
2011-11-07Rob VandenBrinkStuff I Learned Scripting - Evaluating a Remote SSL Certificate
2011-08-24Rob VandenBrinkCitrix Access Gateway Cross Site Scripting vulnerability and fix ==> http://support.citrix.com/article/CTX129971
2011-06-06Manuel Humberto Santander PelaezPhishing: Same goal, same techniques and people still falling for such scams
2011-04-23Manuel Humberto Santander PelaezImage search can lead to malware download
2011-01-24Rob VandenBrinkWhere have all the COM Ports Gone? - How enumerating COM ports led to me finding a “misplaced” Microsoft tool
2010-12-02Kevin JohnsonRobert Hansen and our happiness
2010-07-29Rob VandenBrinkNoScript 2.0 released
2010-07-04Manuel Humberto Santander PelaezMalware inside PDF Files
2010-03-05Kyle HaugsnessJavascript obfuscators used in the wild
2009-05-04Tom ListonAdobe Reader/Acrobat Critical Vulnerability
2009-04-07Bojan ZdrnjaAdvanced JavaScript obfuscation (or why signature scanning is a failure)
2009-04-02Bojan ZdrnjaJavaScript insertion and log deletion attack tools
2009-02-25Andre LudwigAdobe Acrobat pdf 0-day exploit, No JavaScript needed!
2008-07-14Daniel WesemannObfuscated JavaScript Redux
2008-06-30Marcus SachsMore SQL Injection with Fast Flux hosting
2008-05-20Raul SilesList of malicious domains inserted through SQL injection
2008-04-29Bojan ZdrnjaScripts in ASF files
2008-04-06Daniel WesemannAdvanced obfuscated JavaScript analysis
2008-04-03Bojan ZdrnjaMixed (VBScript and JavaScript) obfuscation