Update: oledump.py Version 0.0.61

This new version of oledump.py comes with Excel 4 formula parsing improvements in the plugin_biff plugin. oledump_V0_0_61.zip (https)MD5: 6DC34FFAF4ED0066696ED230878AEED9SHA256: 41A68ABA19BBA74DAE653BE62D4A63A5AE409FB6DC1DAEEB2D419AA1B493728A

2d

Update: oledump.py Version 0.0.61

This new version of oledump.py comes with Excel 4 formula parsing improvements in the plugin_biff plugin. oledump_V0_0_61.zip (https)MD5: 6DC34FFAF4ED0066696ED230878AEED9SHA256: 41A68ABA19BBA74DAE653BE62D4A63A5AE409FB6DC1DAEEB2D419AA1B493728A

2d

Update: 1768.py Version 0.0.7

There are no code changes to this version of 1768.py, my tool to analyze Cobalt Strike beacons. What is new, is file 1768.json: this file contains statistical data for license IDs. Over a period of one month, I collected license ID information from these sources: threatviewio and @cobaltstrikebot. For each license ID that...

2w

Update: 1768.py Version 0.0.7

There are no code changes to this version of 1768.py, my tool to analyze Cobalt Strike beacons. What is new, is file 1768.json: this file contains statistical data for license IDs. Over a period of one month, I collected license ID information from these sources: threatviewio and @cobaltstrikebot. For each license ID that...

2w

New Tool: ssdeep.py

ssdeep.py is a Python tool to calculate ssdeep hashes using the ppdeep Python module. As I needed a Python implementation of an ssdeep tool, I decided to document the creation of such a tool with a video. I use my Python templates to quickly create this tool. ssdeep_V0_0_1.zip (https)MD5: 32FD610D858E91BC009845E105ED87C3SHA256: 02EA18EF0139B54D8A06AA0D3E7E2B0E2934E3675C453759E3DA3CC4F936F0A2

2w

Update: Python Templates Version 0.0.5

Here is an update to my Python templates. I use these templates as a starting point for new tools or for quick development of ad-hoc tools. I also recorded a video showing how to use my template to create your own tool: ssdeep Python Example Based On My Templates. python-templates_V0_0_5.zip (https)MD5: 137878F4D7F799436F76C0119E6BB621SHA256:...

2w

New Tool: ssdeep.py

ssdeep.py is a Python tool to calculate ssdeep hashes using the ppdeep Python module. As I needed a Python implementation of an ssdeep tool, I decided to document the creation of such a tool with a video. I use my Python templates to quickly create this tool. ssdeep_V0_0_1.zip (https)MD5: 32FD610D858E91BC009845E105ED87C3SHA256: 02EA18EF0139B54D8A06AA0D3E7E2B0E2934E3675C453759E3DA3CC4F936F0A2

2w

Update: Python Templates Version 0.0.5

Here is an update to my Python templates. I use these templates as a starting point for new tools or for quick development of ad-hoc tools. I also recorded a video showing how to use my template to create your own tool: ssdeep Python Example Based On My Templates. python-templates_V0_0_5.zip (https)MD5: 137878F4D7F799436F76C0119E6BB621SHA256:...

2w

How-to: Make Your Own Cert With OpenSSL on Windows (Reloaded)

As several things have changed since I published “Howto: Make Your Own Cert With OpenSSL on Windows” 5 years ago, I’m publishing an updated how-to. This time, I’m using the OpenSSL Windows binaries provided by the Curl developers: I’m using OpenSSL version 1.1.1i. I chose the 32-bit version, so that you can still follow along in case you have to do...

3w

Overview of Content Published in May

Here is an overview of content I published in May: Blog posts: Update: 1768.py Version 0.0.6 Update: re-search.py Version 0.0.17 Update: base64dump.py Version 0.0.14 New Tool: cs-dns-stager.py YouTube videos: Making Sense Of Encrypted Cobalt Strike Traffic Cobalt Strike & DNS – Part 1 Videoblog posts: Making Sense Of Encrypted...

3w