I added a new option to my cmd.dll’s DLL command: DLL /A
Soon I’ll publish the code for this new option.
my software
re-search Part 1
re-search Part 2
Analysing Malicious Documents – 44CON 2015 Training
re-search And Dyre Malware
re-search_V0_0_1.zip (https)
MD5: 5700D814CE5DD5B47F9C09CD819256BD
SHA256: 8CCF0117444A2F28BAEA6281200805A07445E9A061D301CC385965F3D0E8B1AF
Maldoc With BASE64
Malicious PDF: Just A URI
A PDF file that contains no malicious code, just a social engineering trick to get you to click on a link.
TCP Flags for Wireshark
Download the TCP Flags dissector here.
Maldoc: PDF With OLE
Showing how to analyze a PDF file with embedded OLE file with VBA macros using my tools pdfid, pdf-parser and oledump.
pdf-parser_V0_6_3.zip (https)
MD5: 62D1AFACA8C124FB2AC279F22C088BB3
SHA256: 339E8D18BE21BAD6B2B33BDD29721F32624F3D842087D3AE353C6F8D6B92D185
oledump And Yet Another XML (Bis)
You can find oledump.py here.
Didier Stevens Videos 