Didier Stevens - RSS Feed

(blog 'DidierStevens)

Latest articles

Update: oledump.py Version 0.0.61

This new version of oledump.py comes with Excel 4 formula parsing improvements in the plugin_biff plugin.

oledump_V0_0_61.zip (https)
MD5: 6DC34FFAF4ED0066696ED230878AEED9
SHA256: 41A68ABA19BBA74DAE653BE62D4A63A5AE409FB6DC1DAEEB2D419AA1B493728A

Update: 1768.py Version 0.0.7

There are no code changes to this version of 1768.py, my tool to analyze Cobalt Strike beacons. What is new, is file 1768.json: this file contains statistical data for license IDs. Over a period of one month, I collected license ID information from these sources: threatviewio and @cobaltstrikebot. For each license ID that...

New Tool: ssdeep.py

ssdeep.py is a Python tool to calculate ssdeep hashes using the ppdeep Python module. As I needed a Python implementation of an ssdeep tool, I decided to document the creation of such a tool with a video. I use my Python templates to quickly create this tool.

ssdeep_V0_0_1.zip (https)
MD5: 32FD610D858E91BC009845E105ED87C3
SHA256: 02EA18EF0139B54D8A06AA0D3E7E2B0E2934E3675C453759E3DA3CC4F936F0A2

Update: Python Templates Version 0.0.5

Here is an update to my Python templates. I use these templates as a starting point for new tools or for quick development of ad-hoc tools. I also recorded a video showing how to use my template to create your own tool: ssdeep Python Example Based On My Templates.

python-templates_V0_0_5.zip (https)
MD5: 137878F4D7F799436F76C0119E6BB621
SHA256:...

How-to: Make Your Own Cert With OpenSSL on Windows (Reloaded)

As several things have changed since I published “Howto: Make Your Own Cert With OpenSSL on Windows” 5 years ago, I’m publishing an updated how-to. This time, I’m using the OpenSSL Windows binaries provided by the Curl developers: I’m using OpenSSL version 1.1.1i. I chose the 32-bit version, so that you can still follow along in case you have to do...

Overview of Content Published in May

Here is an overview of content I published in May:

Blog posts:
Update: 1768.py Version 0.0.6
Update: re-search.py Version 0.0.17
Update: base64dump.py Version 0.0.14
New Tool: cs-dns-stager.py

YouTube videos:
Making Sense Of Encrypted Cobalt Strike Traffic
Cobalt Strike & DNS – Part 1

Videoblog posts:
Making Sense Of Encrypted...
