Recent posts
DNS Tunneling
Exploits the DNS protocol to bypass security controls, enabling data exfiltration and C2 communication.
IcedID gziploader analysis (Part1)
IcedID, also known as BokBot, was among the most active malware families and has been known for loading diffe...
HermeticWiper/FoxBlade Analysis (in-depth)
The malware targeting Ukrainian infrastructure (especially Windows devices) has since been observed in the neigh...
Digging into memory
I’m solving a memory forensics challenge with the volatility2 framework from Defcon DFIR CTF 2019
Playing with AsyncRAT
AsyncRAT is a Remote Access Tool (RAT) designed to remotely monitor and control other computers