Recent posts
SpyNote C2 Emulator
SpyNote is a sophisticated Android malware (aka SpyMax)
DNS Tunneling
Exploits the DNS protocol to bypass security controls, enabling data exfiltration and C2 communication.
IcedID gziploader analysis
IcedID, also known as BokBot, was one of the most active malware families and has been known for loading diffe...
HermeticWiper/FoxBlade Analysis (in-depth)
The malware targeting Ukrainian infrastructure (especially Windows devices) has since been observed in the neigh...
Digging into memory
I’m solving a memory forensics challenge from the Defcon DFIR CTF 2019 with the volatility2 framework.