Skip to content

Didier Stevens Videos

Search for:

Home
About
count.py

Didier Stevens Videos RSS

RSS - Posts

Search for:

Recent Posts

CVE-2021-40444 Maldocs: Extracting URLs
Strings Analysis: VBA & Excel4 Maldoc
Simple Analysis Of A CVE-2021-40444 .docx Document
My YouTube Playlists
CyberChef: BASE85 Decoding

Recent Comments

	isodump.py \| Didier… on The Security Toolsmith (NVISO…
	Overview of Content… on Maldoc Analysis With Cybe…
	ZIP(EICAR File), Mem… on EICAR File, Memorized
	Overview of Content… on AutoCAD & VBA
	Overview of Content… on Analyzing .DWG Files With Embe…

Archives

Categories

howto
malware
my software
Science
technology
Uncategorized
video

Meta

Register
Log in
Entries feed
Comments feed
WordPress.com

malware

CVE-2021-40444 Maldocs: Extracting URLs

Samples: ed2b9e22aef3e545814519151528b2d11a5e73d1b2119c067e672b653ab6855a and 679bbe0c50754853978a3a583505ebb99bce720cf26a6aaf8be06cd879701ff1

Tools: zipdump.py, re-search.py and xmldump.py

ISC diary entry: Simple Analysis Of A CVE-2021-40444 .docx Document

Comment

October 4, 2021 Didier Stevens

Strings Analysis: VBA & Excel4 Maldoc

Tools: CyberChef

Sample: 2013496fe5524988c28357245d684cdca787b47c0b3b16cae20b3222977d769b

ISC Diary Entry: Strings Analysis: VBA & Excel4 Maldoc

Comment

October 2, 2021 Didier Stevens

Simple Analysis Of A CVE-2021-40444 .docx Document

Samples: ed2b9e22aef3e545814519151528b2d11a5e73d1b2119c067e672b653ab6855a and 679bbe0c50754853978a3a583505ebb99bce720cf26a6aaf8be06cd879701ff1

Tools: zipdump.py, re-search.py and xmldump.py

ISC diary entry: Simple Analysis Of A CVE-2021-40444 .docx Document

Comment

September 19, 2021 Didier Stevens

CyberChef: BASE85 Decoding

Tools: CyberChef

CyberChef recipe: pastebin

ISC diary entry: Video: CyberChef BASE85 Decoding

Comment

July 18, 2021 Didier Stevens

Adding BASE85 To base64dump.py

Tool: base64dump.py

ISC Diary entry: BASE85 Decoding With base64dump.py

Comment

July 18, 2021 Didier Stevens

Cobalt Strike & DNS – Part 1

Tools: cs-dns-stager.py, base64dump.py and 1768.py

Capture file: https://www.malware-traffic-analysis.net/2021/05/21/index2.html

ISC diary entry: Video: Cobalt Strike & DNS – Part 1

Comment

May 30, 2021 Didier Stevens

Making Sense Of Encrypted Cobalt Strike Traffic

Tools: 1768.py.

Brad’s post with pcap file: 2021-05-13 (THURSDAY) – HANCITOR WITH FICKER STEALER AND COBALT STRIKE

Comment

May 22, 2021May 26, 2021 Didier Stevens

Decoding Cobalt Strike Traffic

Tools: parse-cs-http-traffic.py, 1768.py, pecheck.py and pybeacon.

ISC diary entry: Decoding Cobalt Strike Traffic

Comment

April 18, 2021April 18, 2021 Didier Stevens

Finding Metasploit & Cobalt Strike URLs

Tools: metatool.py.

ISC diary entry: Finding Metasploit & Cobalt Strike URLs

Comment

March 21, 2021 Didier Stevens

oledump and YARA DDE Rules

Tools: oledump.py, YARA.

NVISO blog post: Detecting DDE in MS Office documents

ISC diary entry: DDE and oledump

Comment

February 21, 2021 Didier Stevens

Posts navigation

← Older posts

Blog at WordPress.com.

Didier Stevens Videos

Blog at WordPress.com.

Loading Comments...

Write a Comment...

Email (Required)

Name (Required)

Website