Dumping Malware Configuration Data from Memory with Volatility
When I first started delving into memory forensics, years ago, we relied upon controlled operating system crashes (to create memory crash dumps) or the old FireWire exploit with a special laptop. Later,...
View Article

Of Malware and Adware: Why Forbes Did Not Serve Me Malware
The topic of web-based advertising is always a hot topic for discussion, debate, and outright argument. One realizes that the Internet in which we've grown accustomed to is reliant on ads; after all,...
View Article

Solving the 2015 FLARE On Challenges
The second annual FLARE On is a reverse engineering challenge put forth by the FireEye Labs Advanced Reverse Engineering (FLARE). While accepted as a very advanced and tactical recruiting method, it...
View Article

Creating a Malware Sandbox in Seconds with Noriben.
Happy New Year! As part of the new year, let's make an effort to make your defensive posture better, especially through quicker and more effective malware analysis! A few years ago I created a sample...
View Article

GrrCon 2015 - Memory Forensics - Grabbing all the Flags...
Today we bring you a special guest posting by Tony "@captcook32" Cook. Late last year GrrCon hosted their anticipatory excellent set of challenges which included an in depth memory forensics challenge...
View Article

Running the Labyrenth: Unit 42 CTF
At least once a year I try to publish my work process for a Capture The Flag (CTF) event. If you're not familiar with CTFs, they're a timed set of very difficult or obscure challenges to gain a...
View Article

Exploring the Labyrenth (2017 Edition)
2017 brings us one of the best, though newest, CTFs: Palo Alto's LabyREnth. The 2016 iteration was a grueling set of 3 dozen challenges across multiple topics that tested one's ability, skill, patience,...
View Article

Malicious PDF Analysis: Reverse code obfuscation
I normally don't find the time to analyze malware at home, unless it is somehow targeted towards me (like the prior write-up of an infection on this site). This last week I received a very suspicious...
View Article

Enforcing the Law at the Mid Atlantic Collegiate Cyber Defense Competition...
The MidAtlantic Collegiate Cyber Defense Competition (MACCDC) is one of the many regional CCDCs that includes a somewhat unique aspect: law enforcement and investigations. For those unfamiliar with...
View Article

Flare-On 9 - The Worst Writeups
Since its inaugural year I have been a participant in the FireEye / Mandiant Flare-On challenges produced by FLARE, the FireEye Labs Advanced Reverse Engineering. FLARE is one of the industry's most...
View Article

Huntress CTF 2023 - Unique Approaches to Fun Challenges
As someone who has participated in numerous Capture The Flag (CTF) competitions, I was excited when Huntress Lab announced their CTF late last year. Anytime a new organization ventures into hosting...
View Article