Skip to content

Didier Stevens Videos

  • Home
  • About
  • count.py

Didier Stevens Videos RSS

  • RSS - Posts

Recent Posts

  • Extracting Information From “logfmt” Files With CyberChef
  • PNG + mimikatz.exe
  • PNG Analysis
  • Analysis of a Malicious HTML File (QBot)
  • Grep & Tail -f With Notepad++

Recent Comments

Mike Michalko on James Webb JPEG With Malw…
isodump.py | Didier… on The Security Toolsmith (NVISO…
Overview of Content… on Maldoc Analysis With Cybe…
ZIP(EICAR File), Mem… on EICAR File, Memorized
Overview of Content… on AutoCAD & VBA

Archives

  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • April 2022
  • March 2022
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • September 2019
  • July 2019
  • May 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • December 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • December 2016
  • November 2016
  • October 2016
  • July 2016
  • May 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015
  • April 2015
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014

Categories

  • howto
  • malware
  • my software
  • Networking
  • Science
  • technology
  • Uncategorized
  • video

Meta

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.com

Month: January 2021

pdftool.py: Incremental Updates

Tool: pdftool.py

Blog posts: Solving a Little PDF Puzzle, Shoulder Surfing a Malicious PDF Author, New Tool: pdftool.py.

Comment
January 30, 2021January 31, 2021 Didier Stevens

Decoding a Payload Using a Dynamic XOR Key

Tool: XORSelection.1sc

Sample: 8f4654952833b7d7b7db02ca7cb6c2f6cb9c3c545dc51124b0f18588b3c4e1c0

Blog post: Update: XORSelection.1sc Version 6.0

If you want to skip the part explaining my script XORSelection, you can jump directly to the dynamic XOR-key explanation.

Comment
January 27, 2021January 28, 2021 Didier Stevens

Doc & RTF Malicious Document

Tools: strings.py, oledump.py, zipdump.py, re-search.py, rtfdump.py and shellcode emulator scdbg.

Samples: f84b3a056abcbcfd5976afe8776a35c5894b379e65c411ddc421941d3a2a4b8b, 5c3d12b29a1bb9fb775bb6d862a32ae8e89af943b6337c71fe2268dee70055e9

ISC diary entry: Doc & RTF Malicious Document

Comment
January 26, 2021 Didier Stevens

CyberChef: Analyzing OOXML Files for URLs

Tools: CyberChef

CyberChef Recipe: here

Sample: f84b3a056abcbcfd5976afe8776a35c5894b379e65c411ddc421941d3a2a4b8b

ISC diary entry: Doc & RTF Malicious Document

 

Comment
January 22, 2021January 22, 2021 Didier Stevens

My Encrypted Storage: Read-Only

Devices: iStorage datashur PRO, datashur PRO² and diskashur PRO².

Comment
January 18, 2021 Didier Stevens

My Encrypted Storage

Devices: iStorage datashur PRO, datashur PRO² and diskashur PRO².

 

Comment
January 18, 2021 Didier Stevens

Maldoc Analysis With CyberChef

Tools: CyberChef

Sample: 969ff75448ea54feccc0d5f652e00172af8e1848352e9a5877d705fc97fa0238

ISC diary entry: Maldoc Analysis With CyberChef

1 Comment
January 10, 2021 Didier Stevens
Blog at WordPress.com.
  • Follow Following
    • Didier Stevens Videos
    • Already have a WordPress.com account? Log in now.
    • Didier Stevens Videos
    • Customize
    • Follow Following
    • Sign up
    • Log in
    • Report this content
    • View site in Reader
    • Manage subscriptions
    • Collapse this bar