Hexacorn Ltd
订阅

近期历史最近 100 条记录

2024-11-24 Portability of old Windows programs… Archaeology ‧ adam
2024-11-23 How to debug Windows service processes in the most old-school possible way… Archaeology ‧ adam
2024-11-17 AdobeFips – Adobe Reader Lolbin Living off the land ‧ adam
2024-11-16 Beyond good ol’ Run key, Part 144 Autostart (Persistence) ‧ adam
2024-11-09 The different type of relocation aka Moving between countries in practice 1/n Relocation ‧ adam
2024-11-08 Beating the dead horse, only to inject it some more… Archaeology ‧ adam
2024-11-06 Procmonning the Win11_24H2 build Archaeology ‧ adam
2024-10-27 Some notes on Windows 11 Notepad Archaeology ‧ adam
2024-10-26 Going reverse on reversing tools… Archaeology ‧ adam
2024-10-26 Installing latest Ghidra w/o installing it Ghidra ‧ adam
2024-10-20 Beyond good ol’ Run key, Part 143 Archaeology ‧ adam
2024-10-20 advpack.dll and IEAdvpack.dll logging capability Archaeology ‧ adam
2024-10-13 The Sweet16 – the oldbin lolbin called setup16.exe Archaeology ‧ adam
2024-10-03 Using Guids to guide the ID of samples’ capabilities or unique (attributable) properties… Archaeology ‧ adam
2024-09-22 Rundll32 goes to hell… Anti-Forensics ‧ adam
2024-09-21 Dexray v2.34 DeXRAY ‧ adam
2024-09-15 The delayed import-table phantomDLL opportunities Archaeology ‧ adam
2024-09-12 Rundll32.exe bomb Archaeology ‧ adam
2024-09-08 This post is totally Iconic Silly ‧ adam
2024-09-07 The art of underDLLoading Archaeology ‧ adam
2024-09-06 The art of overDLLoading Anti-Forensics ‧ adam
2024-09-06 Technical debt of C:WindowsSystem path Anti-Forensics ‧ adam
2024-09-05 Rundll32 and Phantom DLL lolbins, 32-bit version Anti-Forensics ‧ adam
2024-09-04 Rundll32 and Phantom DLL lolbins Anti-Forensics ‧ adam
2024-08-14 Enter Sandbox 29: The subtle art of reversing persuasion – pushing samples to run… Sandboxing ‧ adam
2024-08-08 Counting the API arguments… Archaeology ‧ adam
2024-08-03 The value-proposition of building and maintaining an internal Threat Hunting team… Preaching ‧ adam
2024-08-02 High Fidelity detections are Low Fidelity detections, until proven otherwise, Part 2 Archaeology ‧ adam
2024-07-14 High Fidelity detections are Low Fidelity detections, until proven otherwise Archaeology ‧ adam
2024-07-08 Writing a Frida-based VBS API monitor, Take two Frida ‧ adam
2024-07-07 Writing a Frida-based VBS API monitor Frida ‧ adam
2024-06-23 Enter Sandbox 28: Automated access primitives extraction Sandboxing ‧ adam
2024-06-16 Couple of Splunk/SPL Gotchas, Part 2 Splunk, SPL ‧ adam
2024-06-15 The art of artifact collection and hoarding for the sake of forensic exclusivity… – Part 5 Clustering ‧ adam
2024-06-09 PE Section names – re-visited, again PE Sections ‧ adam
2024-06-08 The art of artifact collection and hoarding for the sake of forensic exclusivity… – Part 4 Clustering ‧ adam
2024-06-06 The art of artifact collection and hoarding for the sake of forensic exclusivity… – Part 3 Clustering ‧ adam
2024-05-04 The art of artifact collection and hoarding for the sake of forensic exclusivity… – Part 2 Clustering ‧ adam
2024-05-02 The art of artifact collection and hoarding for the sake of forensic exclusivity… Clustering ‧ adam
2024-04-27 A license (metadata) to kill (for)… Forensic Analysis ‧ adam
2024-04-26 Excelling at Excel, Part 4 Excel ‧ adam
2024-04-19 Shall we say… Good bye, phishing queue? Part 2 Incident Response ‧ adam
2024-04-06 The art of cutting corners Hackme/crackme ‧ adam
2024-03-31 Subfrida v0.1 Frida ‧ adam
2024-03-30 From Underground to Overground Preaching ‧ adam
2023-09-04 The secret of 961c151d2e87f2686a955a9be24d316f1362bf21 Archaeology ‧ adam
2023-08-26 Writing better Yara rules in 2023… Yara sigs ‧ adam
2023-08-26 Lolbins for connoisseurs… Compromise Detection ‧ adam
2023-07-15 How to start your own threat intel company? Preaching ‧ adam
2023-07-14 Enter Sandbox 27: Account creation Sandboxing ‧ adam
2023-06-23 The myth of “knowing your org” -> know_your_org.docx Preaching ‧ adam
2023-06-15 Mitre Att&ck – from JSON to CSV Mitre Att&ck ‧ adam
2023-06-10 Perl and Python Scripting Templates… Batch Analysis ‧ adam
2023-06-08 This LOLBIN doesn’t exist… LOLBins ‧ adam
2023-06-04 Analyzing nested, obfuscated PHP files… Archaeology ‧ adam
2023-06-02 Analysing PS2EXE executables… De-everything, Un-everything ‧ adam
2023-05-24 DeXRAY, DFIR, and the art of ambulance chasing… DeXRAY ‧ adam
2023-05-18 Blue teaming – it’s DATa complicated… Security Logs ‧ adam
2023-05-13 Da Li’L World of DLL Exports and Entry Points, Part 6 Archaeology ‧ adam
2023-05-13 Matlab persistent lolbin – 2 years too late, but always… Autostart (Persistence) ‧ adam
2023-05-12 PE Section names – re-visited, again, in 2023 Reversing ‧ adam
2023-05-12 An Elf walks into the bar… Windows 11 ‧ adam
2023-05-06 Malware – some musings about the meaning of the word… Preaching ‧ adam
2023-05-05 Threat Hunting – architecture issues… ARM ‧ adam
2023-04-22 Using Detect It Easy to… detect it easy elf ‧ adam
2023-04-21 The words that go adapataadadapata Silly ‧ adam
2023-04-15 Beyond good ol’ Run key, Part 142 Autostart (Persistence) ‧ adam
2023-04-02 The words that go (.)[a-z]1[a-z]1[a-z]1[a-z]1[a-z]1 Silly ‧ adam
2023-03-29 Converting questionable questions into unquestionable opportunities… Preaching ‧ adam
2023-03-12 List of clean mutexes and mutants threat hunting ‧ adam
2023-03-11 Threat Hunting – localization issues threat hunting ‧ adam
2023-02-26 Beyond good ol’ Run key, Part 141 Autostart (Persistence) ‧ adam
2023-01-22 Excelling at Excel, Part 3 Excel ‧ adam
2023-01-21 Yara rules pageant Yara sigs ‧ adam
2023-01-14 Decrypting SHell Compiled (SHC) ELF files elf ‧ adam
2023-01-08 Excelling at Excel, Part 2 Excel ‧ adam
2023-01-07 Excelling at Excel, Part 1 Excel ‧ adam
2023-01-03 Putting ELF on the shelf… Malware Analysis ‧ adam
2023-01-01 A bunch of OLD-School RCE tricks… Productivity ‧ adam
2022-12-31 Beyond good ol’ Run key, Part 140 Autostart (Persistence) ‧ adam
2022-12-15 How to be a good quitter? career advice ‧ adam
2022-12-10 Marrying client-side Windows-based CryptEncrypt and server-side,Linux-based Crypt::OpenSSL::RSA C2 ‧ adam
2022-12-09 The Future of SOC Incident Response ‧ adam
2022-12-04 Using make_sc_hash_db.py to create API hashing DBs Malware Analysis ‧ adam
2022-12-03 Environment… is variable Archaeology ‧ adam
2022-11-20 Cracking Zeppelin Factorization ‧ adam
2022-11-20 Beyond good ol’ Run key, Part 139 Autostart (Persistence) ‧ adam
2022-10-09 Dealing with alert fatigue, Part 2 SOC ‧ adam
2022-10-02 Dealing with alert fatigue, Part 1 SOC ‧ adam
2022-09-22 Inserting data into other processes’ address space, part 1a Code Injection ‧ adam
2022-09-03 Adobe: JSX and JSXBIN files Autostart (Persistence) ‧ adam
2022-08-20 What to know, what to learn? What are useful skills for cyber in 2022? Preaching ‧ adam
2022-08-20 Password as a (Yara) Service Archaeology ‧ adam
2022-08-07 Week of Data Dumps, Part 7 – registry Archaeology ‧ adam
2022-08-06 Week of Data Dumps, Part 6 – file names Archaeology ‧ adam
2022-08-01 Week of Data Dumps, Part 5 – commands Archaeology ‧ adam
2022-07-31 Week of Data Dumps, Part 4 – games-related strings Archaeology ‧ adam
2022-07-24 Week of Data Dumps, Part 3 – service names Archaeology ‧ adam
2022-07-23 The curse of being ‘technical’ Preaching ‧ adam
2022-07-23 Week of Data Dumps, Part 2 – GUIDs Archaeology ‧ adam

匿名用户只展示最新 100 条榜单历史,更多历史数据请登录后查看,支持时光机按天筛选

Sponsors

今日解忧 - 赛博修行,舒缓静心,21世纪解压神器!
今日历 - 全球最全的日历,日历届的航空母舰!
百晓生AI - 全能创作助手

猜你喜欢