2025-03-18 | Xavier Mertens | Python Bot Delivered Through DLL Side-Loading |
2025-03-10 | Xavier Mertens | Shellcode Encoded in UUIDs |
2025-02-17 | Russ McRee | ModelScan - Protection Against Model Serialization Attacks |
2025-02-14 | Xavier Mertens | Fake BSOD Delivered by Malicious Python Script |
2025-02-06 | Xavier Mertens | The Unbreakable Multi-Layer Anti-Debugging System |
2025-01-29 | Xavier Mertens | From PowerShell to a Python Obfuscation Race! |
2025-01-28 | Xavier Mertens | Fileless Python InfoStealer Targeting Exodus |
2025-01-18 | Jim Clausing | New tool: immutable.py |
2025-01-03 | Xavier Mertens | SwaetRAT Delivery Through Python |
2024-12-31 | Xavier Mertens | No Holiday Season for Attackers |
2024-12-26 | Jesse La Grew | Capturing Honeypot Data Beyond the Logs |
2024-12-17 | Xavier Mertens | Python Delivering AnyDesk Client as RAT |
2024-11-30 | Xavier Mertens | From a Regular Infostealer to its Obfuscated Version |
2024-11-22 | Xavier Mertens | An Infostealer Searching for « BIP-0039 » Data |
2024-11-19 | Xavier Mertens | Detecting the Presence of a Debugger in Linux |
2024-11-07 | Xavier Mertens | Steam Account Checker Poisoned with Infostealer |
2024-11-05 | Xavier Mertens | Python RAT with a Nice Screensharing Feature |
2024-09-18 | Xavier Mertens | Python Infostealer Patching Windows Exodus App |
2024-09-17 | Xavier Mertens | 23:59, Time to Exfiltrate! |
2024-09-16 | Xavier Mertens | Managing PE Files With Overlays |
2024-09-13 | Jesse La Grew | Finding Honeypot Data Clusters Using DBSCAN: Part 2 |
2024-09-11 | Xavier Mertens | Python Libraries Used for Malicious Purposes |
2024-08-30 | Jesse La Grew | Simulating Traffic With Scapy |
2024-08-29 | Xavier Mertens | Live Patching DLLs with Python |
2024-08-27 | Xavier Mertens | Why Is Python so Popular to Infect Windows Hosts? |
2024-08-26 | Xavier Mertens | From Highly Obfuscated Batch File to XWorm and Redline |
2024-08-23 | Jesse La Grew | Pandas Errors: What encoding are my logs in? |
2024-08-19 | Xavier Mertens | Do you Like Donuts? Here is a Donut Shellcode Delivered Through PowerShell/Python |
2024-08-16 | Jesse La Grew | [Guest Diary] 7 minutes and 4 steps to a quick win: A write-up on custom tools |
2024-07-26 | Xavier Mertens | ExelaStealer Delivered "From Russia With Love" |
2024-07-24 | Xavier Mertens | "Mouse Logger" Malicious Python Script |
2024-07-10 | Jesse La Grew | Finding Honeypot Data Clusters Using DBSCAN: Part 1 |
2024-06-06 | Xavier Mertens | Malicious Python Script with a "Best Before" Date |
2024-05-31 | Xavier Mertens | "K1w1" InfoStealer Uses gofile.io for Exfiltration |
2024-05-30 | Xavier Mertens | Feeding MISP with OSSEC |
2024-03-13 | Xavier Mertens | Using ChatGPT to Deobfuscate Malicious Scripts |
2024-02-20 | Xavier Mertens | Python InfoStealer With Dynamic Sandbox Detection |
2024-02-08 | Xavier Mertens | A Python MP3 Player with Builtin Keylogger Capability |
2024-01-25 | Xavier Mertens | Facebook AdsManager Targeted by a Python Infostealer |
2024-01-19 | Xavier Mertens | macOS Python Script Replacing Wallet Applications with Rogue Apps |
2024-01-17 | Jesse La Grew | Number Usage in Passwords |
2024-01-08 | Jesse La Grew | What is that User Agent? |
2023-12-23 | Xavier Mertens | Python Keylogger Using Mailtrap.io |
2023-12-22 | Xavier Mertens | Shall We Play a Game? |
2023-12-16 | Xavier Mertens | An Example of RocketMQ Exploit Scanner |
2023-11-20 | Jesse La Grew | Overflowing Web Honeypot Logs |
2023-10-31 | Xavier Mertens | Multiple Layers of Anti-Sandboxing Techniques |
2023-09-30 | Xavier Mertens | Simple Netcat Backdoor in Python Script |
2023-08-25 | Xavier Mertens | Python Malware Using Postgresql for C2 Communications |
2023-08-23 | Guy Bruneau | How I made a qwerty "keyboard walk" password generator with ChatGPT [Guest Diary] |
2023-08-22 | Xavier Mertens | Have You Ever Heard of the Fernet Encryption Algorithm? |
2023-08-17 | Jesse La Grew | Command Line Parsing - Are These Really Unique Strings? |
2023-08-11 | Xavier Mertens | Show me All Your Windows! |
2023-07-28 | Xavier Mertens | ShellCode Hidden with Steganography |
2023-06-20 | Xavier Mertens | Malicious Code Can Be Anywhere |
2023-04-28 | Xavier Mertens | Quick IOC Scan With Docker |
2023-03-18 | Xavier Mertens | Old Backdoor, New Obfuscation |
2023-03-11 | Xavier Mertens | Overview of a Mirai Payload Generator |
2023-03-01 | Xavier Mertens | Python Infostealer Targeting Gamers |
2023-02-09 | Xavier Mertens | A Backdoor with Smart Screenshot Capability |
2022-11-14 | Jesse La Grew | Extracting 'HTTP CONNECT' Requests with Python |
2022-10-24 | Xavier Mertens | C2 Communications Through outlook.com |
2022-10-18 | Xavier Mertens | Python Obfuscation for Dummies |
2022-09-26 | Xavier Mertens | Easy Python Sandbox Detection |
2022-09-14 | Xavier Mertens | Easy Process Injection within Python |
2022-08-19 | Johannes Ullrich | Windows Security Blocks UPX Compressed (packed) Binaries |
2022-08-18 | Johannes Ullrich | Honeypot Attack Summaries with Python |
2022-07-20 | Xavier Mertens | Malicious Python Script Behaving Like a Rubber Ducky |
2022-06-24 | Xavier Mertens | Python (ab)using The Windows GUI |
2022-05-24 | Yee Ching Tok | ctx Python Library Updated with "Extra" Features |
2022-04-21 | Xavier Mertens | Multi-Cryptocurrency Clipboard Swapper |
2022-01-20 | Xavier Mertens | RedLine Stealer Delivered Through FTP |
2022-01-07 | Xavier Mertens | Custom Python RAT Builder |
2022-01-06 | Xavier Mertens | Malicious Python Script Targeting Chinese People |
2021-12-10 | Xavier Mertens | Python Shellcode Injection From JSON Data |
2021-12-01 | Xavier Mertens | Info-Stealer Using webhook.site to Exfiltrate Data |
2021-08-30 | Xavier Mertens | Cryptocurrency Clipboard Swapper Delivered With Love |
2021-07-16 | Xavier Mertens | Multiple BaseXX Obfuscations |
2021-07-08 | Xavier Mertens | Using Sudo with Python For More Security Controls |
2021-07-06 | Xavier Mertens | Python DLL Injection Check |
2021-07-02 | Xavier Mertens | "inception.py"... Multiple Base64 Encodings |
2021-06-11 | Xavier Mertens | Keeping an Eye on Dangerous Python Modules |
2021-05-31 | Rick Wanner | Quick and dirty Python: nmap |
2021-05-04 | Rick Wanner | Quick and dirty Python: masscan |
2021-04-29 | Xavier Mertens | From Python to .Net |
2021-04-09 | Xavier Mertens | No Python Interpreter? This Simple RAT Installs Its Own Copy |
2021-04-02 | Xavier Mertens | C2 Activity: Sandboxes or Real Victims? |
2021-03-18 | Xavier Mertens | Simple Python Keylogger |
2020-12-10 | Xavier Mertens | Python Backdoor Talking to a C2 Through Ngrok |
2020-11-20 | Xavier Mertens | Malicious Python Code and LittleSnitch Detection |
2020-11-09 | Xavier Mertens | How Attackers Brush Up Their Malicious Scripts |
2020-10-20 | Xavier Mertens | Mirai-alike Python Scanner |
2020-10-14 | Xavier Mertens | Nicely Obfuscated Python RAT |
2020-09-18 | Xavier Mertens | A Mix of Python & VBA in a Malicious Word Document |
2020-09-03 | Xavier Mertens | Sandbox Evasion Using NTP |
2020-09-02 | Xavier Mertens | Python and Risky Windows API Calls |
2020-08-18 | Xavier Mertens | Using API's to Track Attackers |
2020-07-30 | Johannes Ullrich | Python Developers: Prepare!!! |
2019-10-29 | Xavier Mertens | Generating PCAP Files from YAML |
2018-11-26 | Russ McRee | ViperMonkey: VBA maldoc deobfuscation |
2017-11-23 | Xavier Mertens | Proactive Malicious Domain Search |
2017-10-05 | Johannes Ullrich | pcap2curl: Turning a pcap file into a set of cURL commands for "replay" |
2017-08-22 | Xavier Mertens | Defang all the things! |
2017-04-19 | Xavier Mertens | Hunting for Malicious Excel Sheets |
2017-01-12 | Mark Baggett | System Resource Utilization Monitor |
2017-01-01 | Didier Stevens | py2exe Decompiling - Part 1 |
2016-11-27 | Russ McRee | Scapy vs. CozyDuke |
2016-07-25 | Didier Stevens | Python Malware - Part 4 |
2016-07-16 | Didier Stevens | Python Malware - Part 3 |
2016-05-15 | Didier Stevens | Python Malware - Part 1 |
2014-12-04 | Mark Baggett | Automating Incident data collection with Python |
2011-02-21 | Adrien de Beaupre | What’s New, it's Python 3.2 |
2010-08-15 | Manuel Humberto Santander Pelaez | Python to test web application security |
2010-06-14 | Manuel Humberto Santander Pelaez | Python on a microcontroller? |
2010-03-30 | Marcus Sachs | Zigbee Analysis Tools |
2010-02-17 | Rob VandenBrink | Multiple Security Updates for ESX 3.x and ESXi 3.x |
2009-05-25 | Jim Clausing | More tools for (US) Memorial Day |