unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Beyond good ol’ Run key, Part 141
February 25, 2023 in Autostart (Persistence)...
2023-2-26 07:55:35 | 阅读: 24 |
收藏
|
Hexacorn - www.hexacorn.com
microsoft
shadowpad
combos
mastodon
packard
Excelling at Excel, Part 3
One of the most common use cases we come across during our malware analysis exercises is...
2023-1-22 08:56:23 | 阅读: 35 |
收藏
|
Hexacorn - www.hexacorn.com
vlookup
isna
sample3
filled
formula
Yara rules pageant
A few days ago I posted a very specific question on Twitter and Mastodon:You’ve got...
2023-1-21 08:12:5 | 阅读: 27 |
收藏
|
Hexacorn - www.hexacorn.com
github
mega
yarac
gist
duplicates
Decrypting SHell Compiled (SHC) ELF files
January 13, 2023 in elf, linux, shc...
2023-1-14 07:37:28 | 阅读: 90 |
收藏
|
Hexacorn - www.hexacorn.com
shc
f8
realized
decrypted
0x400fdd
Excelling at Excel, Part 2
Today I will talk about automated query-building using Excel. Working as a detection...
2023-1-8 08:1:1 | 阅读: 22 |
收藏
|
Hexacorn - www.hexacorn.com
formula
processes
avoiding
formulas
Excelling at Excel, Part 1
In my old article I have demonstrated an atypical approach one may take to browse throug...
2023-1-7 08:18:24 | 阅读: 33 |
收藏
|
Hexacorn - www.hexacorn.com
formulas
b1
formatting
security
dates
Putting ELF on the shelf…
In my last post I referred to something what I call “putting elf on the shelf”. The idea...
2023-1-3 08:20:48 | 阅读: 42 |
收藏
|
Hexacorn - www.hexacorn.com
xdbg
windows
roi
stage
reversing
A bunch of OLD-School RCE tricks…
January 1, 2023 in Productivity, Reversing...
2023-1-1 08:44:53 | 阅读: 66 |
收藏
|
Hexacorn - www.hexacorn.com
memory
debugger
xdbg
analysis
windows
Beyond good ol’ Run key, Part 140
December 30, 2022 in Autostart (Persistence)...
2022-12-31 07:29:4 | 阅读: 23 |
收藏
|
Hexacorn - www.hexacorn.com
ol
autostart
oldie
abused
How to be a good quitter?
It is now. It is happening. You have finally submitted your resignation letter and y...
2022-12-15 08:12:54 | 阅读: 16 |
收藏
|
Hexacorn - www.hexacorn.com
employment
dates
electronic
quit
rsu
Marrying client-side Windows-based CryptEncrypt and server-side,Linux-based Crypt::OpenSSL::RSA
Marrying client-side Windows-based CryptEncrypt and s...
2022-12-10 06:51:12 | 阅读: 21 |
收藏
|
Hexacorn - www.hexacorn.com
client
windows
googling
crypt
The Future of SOC
December 8, 2022 in Incident Response, SOC,...
2022-12-9 07:32:52 | 阅读: 23 |
收藏
|
Hexacorn - www.hexacorn.com
triage
security
regulated
aas
regional
Using make_sc_hash_db.py to create API hashing DBs
December 3, 2022 in Malware Analysis...
2022-12-4 06:43:3 | 阅读: 28 |
收藏
|
Hexacorn - www.hexacorn.com
blown
windows
hashing
analysis
python
Environment… is variable
December 2, 2022 in Archaeology, Living off...
2022-12-3 07:15:0 | 阅读: 37 |
收藏
|
Hexacorn - www.hexacorn.com
vc
librarypath
vscmd
spectre
Cracking Zeppelin
November 19, 2022 in Factorization, ransomwa...
2022-11-20 07:29:55 | 阅读: 38 |
收藏
|
www.hexacorn.com
ransomware
beat
cracking
zeppelin
unlikely
Beyond good ol’ Run key, Part 139
November 19, 2022 in Autostart (Persistence)...
2022-11-20 06:53:9 | 阅读: 19 |
收藏
|
www.hexacorn.com
dm
diagnostic
library
clsid
curious
Dealing with alert fatigue, Part 2
October 8, 2022 in SOC...
2022-10-9 05:49:42 | 阅读: 29 |
收藏
|
www.hexacorn.com
fidelity
senior
junior
security
analysis
Dealing with alert fatigue, Part 1
Gazillion tickets, gazillion emails a day. The business as usual for most SOCs…It ac...
2022-10-2 07:43:3 | 阅读: 14 |
收藏
|
www.hexacorn.com
ticketing
distinctive
literally
fatigue
stupid
Inserting data into other processes’ address space, part 1a
September 21, 2022 in Code Injection, Reusig...
2022-9-22 06:5:59 | 阅读: 21 |
收藏
|
www.hexacorn.com
nvifr
genuine
exchange
nvidia
inter
Adobe: JSX and JSXBIN files
September 2, 2022 in Autostart (Persistence)...
2022-9-3 06:21:24 | 阅读: 32 |
收藏
|
www.hexacorn.com
network
autostart
jsxbin
debugger
Previous
7
8
9
10
11
12
13
14
Next