Date | Author | Title
2023-06-29 | Brad Duncan | GuLoader- or DBatLoader/ModiLoader-style infection for Remcos RAT
2023-03-31 | Guy Bruneau | Using Linux grep and Windows findstr to Manipulate Files
2022-01-01 | Didier Stevens | Expect Regressions
2021-07-30 | Xavier Mertens | Infected With a .reg File
2021-05-02 | Didier Stevens | PuTTY And FileZilla Use The Same Fingerprint Registry Keys
2020-03-27 | Xavier Mertens | Malicious JavaScript Dropping Payload in the Registry
2018-01-12 | Bojan Zdrnja | Those pesky registry keys required by critical security patches
2017-12-13 | Xavier Mertens | Tracking Newly Registered Domains
2017-11-15 | Xavier Mertens | If you want something done right, do it yourself!
2017-09-18 | Xavier Mertens | Getting some intelligence from malspam
2017-06-17 | Guy Bruneau | Mapping Use Cases to Logs. Which Logs are the Most Important to Collect?
2017-03-19 | Xavier Mertens | Searching for Base64-encoded PE Files
2016-05-22 | Pasquale Stirparo | The strange case of WinZip MRU Registry key
2014-11-04 | Daniel Wesemann | Whois someone else?
2014-02-09 | Basil Alawi S.Taher | Mandiant Highlighter 2
2013-07-21 | Guy Bruneau | Why use Regular Expressions?
2013-07-10 | Johannes Ullrich | .NL Registrar Compromisse
2012-05-06 | Jim Clausing | Tool updates and Win 8
2011-01-24 | Rob VandenBrink | Where have all the COM Ports Gone? - How enumerating COM ports led to me finding a “misplaced” Microsoft tool
2011-01-12 | Richard Porter | Yet Another Data Broker? AOL Lifestream.
2009-03-01 | Jim Clausing | Cool combination of tools
2008-08-15 | Jim Clausing | OMFW 2008 reflections