Tool: base64dump.py
ISC Diary entry: BASE85 Decoding With base64dump.py
my software
oledump Cheat Sheet
Cheat sheet: oledump.py Quick Reference
Tool: oledump.py
ISC diary entry: Video: oledump Cheat Sheet
ssdeep Python Example Based On My Templates
In this video, I show how to create your own tool based on my Python Templates.
The tool I created is ssdeep.py, essentially a wrapper for the ppdeep Python module.
ssdeep.py allows you to create fuzzy hashes, and compare them.
ssdeep_V0_0_1.zip (https)MD5: 32FD610D858E91BC009845E105ED87C3
SHA256: 02EA18EF0139B54D8A06AA0D3E7E2B0E2934E3675C453759E3DA3CC4F936F0A2
Cobalt Strike & DNS – Part 1
Tools: cs-dns-stager.py, base64dump.py and 1768.py
Capture file: https://www.malware-traffic-analysis.net/2021/05/21/index2.html
ISC diary entry: Video: Cobalt Strike & DNS – Part 1
The Security Toolsmith (NVISO Brown Bag 2021)
At NVISO, we do webinars over lunchtime. We call them “brown bags”.
In this brown bag, I talk about the development of my free, open source tools. As an example, I explain how to make your own tool to analyze ISO files using my templates.
Lua CSV Wireshark Dissector
Decoding Cobalt Strike Traffic
Tools: parse-cs-http-traffic.py, 1768.py, pecheck.py and pybeacon.
ISC diary entry: Decoding Cobalt Strike Traffic
Finding Metasploit & Cobalt Strike URLs
oledump and YARA DDE Rules
Tools: oledump.py, YARA.
NVISO blog post: Detecting DDE in MS Office documents
ISC diary entry: DDE and oledump
