Didier Stevens Videos

Extracting Information From “logfmt” Files With CyberChef

Tool: CyberChef

Input: logfile, recipe

ISC Diary Entry: Extracting Information From “logfmt” Files With CyberChef

November 12, 2022 Didier Stevens

PNG + mimikatz.exe

Tools: pngdump.py, pecheck.py, strings.py

bdm.png: 95ffae4e0aecd870211c9825633b0a80b7613ec0d9ae144178c132559e7de437 virustotal malshare

October 14, 2022 Didier Stevens

PNG Analysis

Tools: pngdump.py, byte-stats.py, translate.py, decrypt-icedid.py, strings.py

Sample: 8fca57502cbd74502560bf963f3fd78acfc922b43d5973a0cd8f28426214abca

SANS ISC Diary entry: PNG Analysis

October 14, 2022 Didier Stevens

Analysis of a Malicious HTML File (QBot)

Tools: base64dump.py, zipdump.py, isodump.py, pecheck.py

Sample: 79cd49dc922c41b2845787c7835063e6ed77507001df133e7d7aafa3d13b6e20

SANS ISC Diary entry: Analysis of a Malicious HTML File (QBot)

October 14, 2022 / October 16, 2022 Didier Stevens

Grep & Tail -f With Notepad++

Tools: Notepad++

ISC Diary entry: “Quickie: Grep & Tail -f With Notepad++”

September 18, 2022 Didier Stevens

Analyzing Obfuscated VBS with CyberChef

Tools: zipdump.py, CyberChef

ISC diary entry: “Analyzing Obfuscated VBS with CyberChef”

Sample: malwarebazaar

September 17, 2022 Didier Stevens

An Obfuscated Beacon – Extra XOR Layer

Tools: 1768.py, xor-kpa.py, pecheck.py, translate.py, strings.py

Diary entry: Analysis of an Encoded Cobalt Strike Beacon

Sample: e652ee076aded6b2c8b4e3e8ee83ed9423019d0a9aacbd38837d251191972bef

September 6, 2022 Didier Stevens

VBA Maldoc & UTF7 (APT-C-35)

Tools: oledump.py, re-search.py, hex-to-bin.py, translate.py, xorsearch, strings.py

Diary entries: “VBA Maldoc & UTF7 (APT-C-35)”, “Update: VBA Maldoc & UTF7 (APT-C-35)”

Sample: 394c97cc9d567e556a357f129aea03f737cbd2a1761df32146ef69d93afc73dc, MalwareBazaar

September 4, 2022 / September 9, 2022 Didier Stevens

James Webb JPEG With Malware

Tools: jpegdump.py, base64dump.py, pecheck.py, headtail.py

ISC diary entry: James Webb JPEG With Malware

Sample: 3bdf6d9f0f35be75d8345d897ec838ae231ba01ae898f6d0c8f920ff4061fc22, MalwareBazaar

1 Comment
September 3, 2022 Didier Stevens

1768.py’s Sanity Check

Tools: 1768.py

August 28, 2022 Didier Stevens
