Skip to content

Didier Stevens Videos

Search for:

Home
About
count.py

Didier Stevens Videos RSS

RSS - Posts

Search for:

Recent Posts

Reversing A Network Protocol
Extracting Information From “logfmt” Files With CyberChef
PNG + mimikatz.exe
PNG Analysis
Analysis of a Malicious HTML File (QBot)

Recent Comments

	Mike Michalko on James Webb JPEG With Malw…
	isodump.py \| Didier… on The Security Toolsmith (NVISO…
	Overview of Content… on Maldoc Analysis With Cybe…
	ZIP(EICAR File), Mem… on EICAR File, Memorized
	Overview of Content… on AutoCAD & VBA

Archives

Categories

howto
malware
my software
Networking
Science
technology
Uncategorized
video

Meta

Create account
Log in
Entries feed
Comments feed
WordPress.com

malware

CVE-2021-40444 Maldocs: Extracting URLs

Samples: ed2b9e22aef3e545814519151528b2d11a5e73d1b2119c067e672b653ab6855a and 679bbe0c50754853978a3a583505ebb99bce720cf26a6aaf8be06cd879701ff1

Tools: zipdump.py, re-search.py and xmldump.py

ISC diary entry: Simple Analysis Of A CVE-2021-40444 .docx Document

Comment

October 4, 2021 Didier Stevens

Strings Analysis: VBA & Excel4 Maldoc

Tools: CyberChef

Sample: 2013496fe5524988c28357245d684cdca787b47c0b3b16cae20b3222977d769b

ISC Diary Entry: Strings Analysis: VBA & Excel4 Maldoc

Comment

October 2, 2021 Didier Stevens

Simple Analysis Of A CVE-2021-40444 .docx Document

Samples: ed2b9e22aef3e545814519151528b2d11a5e73d1b2119c067e672b653ab6855a and 679bbe0c50754853978a3a583505ebb99bce720cf26a6aaf8be06cd879701ff1

Tools: zipdump.py, re-search.py and xmldump.py

ISC diary entry: Simple Analysis Of A CVE-2021-40444 .docx Document

Comment

September 19, 2021 Didier Stevens

CyberChef: BASE85 Decoding

Tools: CyberChef

CyberChef recipe: pastebin

ISC diary entry: Video: CyberChef BASE85 Decoding

Comment

July 18, 2021 Didier Stevens

Adding BASE85 To base64dump.py

Tool: base64dump.py

ISC Diary entry: BASE85 Decoding With base64dump.py

Comment

July 18, 2021 Didier Stevens

Cobalt Strike & DNS – Part 1

Tools: cs-dns-stager.py, base64dump.py and 1768.py

Capture file: https://www.malware-traffic-analysis.net/2021/05/21/index2.html

ISC diary entry: Video: Cobalt Strike & DNS – Part 1

Comment

May 30, 2021 Didier Stevens

Making Sense Of Encrypted Cobalt Strike Traffic

Tools: 1768.py.

Brad’s post with pcap file: 2021-05-13 (THURSDAY) – HANCITOR WITH FICKER STEALER AND COBALT STRIKE

Comment

May 22, 2021May 26, 2021 Didier Stevens

Decoding Cobalt Strike Traffic

Tools: parse-cs-http-traffic.py, 1768.py, pecheck.py and pybeacon.

ISC diary entry: Decoding Cobalt Strike Traffic

Comment

April 18, 2021April 18, 2021 Didier Stevens

Finding Metasploit & Cobalt Strike URLs

Tools: metatool.py.

ISC diary entry: Finding Metasploit & Cobalt Strike URLs

Comment

March 21, 2021 Didier Stevens

oledump and YARA DDE Rules

Tools: oledump.py, YARA.

NVISO blog post: Detecting DDE in MS Office documents

ISC diary entry: DDE and oledump

Comment

February 21, 2021 Didier Stevens

Posts navigation

← Older posts

Newer posts →

Blog at WordPress.com.

Didier Stevens Videos

Blog at WordPress.com.

Subscribe Subscribed
- Didier Stevens Videos
- Already have a WordPress.com account? Log in now.

Loading Comments...

Write a Comment...

Email (Required)

Name (Required)

Website