Malware TV – Automatically Extracting Obfuscated Strings from Malware

The FireEye Labs Obfuscated String Solver (FLOSS) is an open-source tool that automatically detects, extracts, and decodes obfuscated strings in Windows Portable Executable (PE) files. Malware analysts, forensic investigators, and incident responders can use FLOSS to quickly extract sensitive strings to identify indicators of compromise (IOCs). Malware authors encode strings in their programs to hide Read More …

Notes – Use Templates And Keep It DRY

To “Use Templates And Keep It DRY” means to leverage templates or reusable structures and to avoid code duplication by implementing a principle of abstraction that promotes code efficiency and maintainability. Here’s a breakdown of the concept: Templates: These are reusable structures, such as code snippets, document layouts, or organizational frameworks that can be used as Read More …

How Tech Billionaires Plan to Destroy America

A look into how the tech leaders may be using the new administration to achieve their own agenda. Looking specifically at Peter Thiel, Elon Musk, Marc Andreessen, Ben Horowitz, Brian Armstrong, and David Sacks as well as their relationship with figures like JD Vance, Balaji Srinivasan, and Curtis Yarvin. There is a focused discussion on Read More …

ASM – Attack Surface Management

Attack Surface Management (ASM) focuses on identifying, monitoring, and mitigating potential vulnerabilities and risks across an organization’s entire digital footprint, including both known and unknown assets, to reduce the potential attack surface. Here’s a more detailed explanation: Continuous Process: ASM is not a one-time task, but rather a continuous process of discovery, analysis, prioritization, remediation, Read More …

clean up /boot (for Ubuntu at least)

Here is a quick set of commands to clean up the /boot partition on an Ubuntu Linux system. First check what your kernel version is so you won’t delete the running kernel image: uname -r Now run this for a list of installed kernels: dpkg --list 'linux-image*' | grep ^ii delete the kernels you don’t Read More …

What are the advantages of FASP

The speed increases are achieved by sending larger packets than TCP, not waiting for confirmation that a packet has been received before sending the next one, and only re-sending packets that are confirmed as having been dropped. FASP (Fast and Secure Protocol), used in IBM Aspera, offers significant advantages for cloud data transfer, enabling faster, Read More …

Conference Video – Invoke-Obfuscation: PowerShell obFUsk8tion

PowerShell has increasingly become the de facto standard for penetration testers and hackers alike. It enables attackers to “live off the land” by using a Microsoft-signed binary that can execute remote code entirely in memory while bypassing both A/V and application whitelisting solutions. Today’s detection techniques monitor for certain strings in powershell.exe’s command-line arguments. Read More …

The Dangers of Project Russia

A wonderfully frightening read. My friends and family will attest that many times I have stated that we are in open warfare with Russia in the internet/technological realm of things. The Russia Information Warfare Manual is a very good read. The books offered a detailed program of spiritual warfare against Western democracies culminating in Read More …