Skip to content

Didier Stevens Videos

  • Home
  • About
  • count.py

Didier Stevens Videos RSS

  • RSS - Posts

Recent Posts

  • Extracting Information From “logfmt” Files With CyberChef
  • PNG + mimikatz.exe
  • PNG Analysis
  • Analysis of a Malicious HTML File (QBot)
  • Grep & Tail -f With Notepad++

Recent Comments

Mike Michalko on James Webb JPEG With Malw…
isodump.py | Didier… on The Security Toolsmith (NVISO…
Overview of Content… on Maldoc Analysis With Cybe…
ZIP(EICAR File), Mem… on EICAR File, Memorized
Overview of Content… on AutoCAD & VBA

Archives

  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • April 2022
  • March 2022
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • September 2019
  • July 2019
  • May 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • December 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • December 2016
  • November 2016
  • October 2016
  • July 2016
  • May 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015
  • April 2015
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014

Categories

  • howto
  • malware
  • my software
  • Networking
  • Science
  • technology
  • Uncategorized
  • video

Meta

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.com

Maldoc: non-ASCII VBA Identifiers

Tools: oledump.py

Sample: f0deca3a062a057b45bd075aef290b9bd88180c4f72743c29907dc3b934121d8

ISC diary entry: Maldoc: non-ASCII VBA Identifiers

Comment
July 24, 2022 Didier Stevens

Decoding Obfuscated BASE64 Statistically

Sample: 402a722d58368018ffb78eda78280a3f1e6346dd8996b4e4cd442f30e429a5cf

Tools: strings.py, base64dump.py, re-search.py, byte-stats.py

ISC Diary Entry: Decoding Obfuscated BASE64 Statistically

Comment
June 18, 2022 Didier Stevens

RTF & ms-msdt & Preview Pane

Tools: rtfdump.py, oledump.py, olemake.py (private tool, not available for download)

Comment
June 18, 2022 Didier Stevens

Maldoc .DOCX MSDT Inside Sandbox

This was a quick recording without microphone.

Comment
June 18, 2022 Didier Stevens

Office Protects You From Malicious ISO Files

Tool: zoneidentifier.exe

ISC Diary Entry: Office Protects You From Malicious ISO Files

Comment
April 17, 2022 Didier Stevens

Method For String Extraction Filtering

Tools: zipdump.py, strings.py and myjson-filter.py.

ISC diary entry: Method For String Extraction Filtering

Comment
April 10, 2022April 10, 2022 Didier Stevens

curl, json & jo

ISC diary entries: curl 7.82.0 Adds –json Option, jo

Comment
April 10, 2022 Didier Stevens

Maldoc Cleaned by Anti-Virus

Tools: oledump.py, OLETemplate.bt, 010 Editor

ISC Diary Entry: Maldoc Cleaned by Anti-Virus

Sample: 0f609e43fa76afd4e2e916acb2ab54cc8fce64750ec372f716b42f34db3da0ce

Comment
March 27, 2022 Didier Stevens

TShark & Multiple IP Addresses

Tools: Tshark

ISC Diary Entry: TShark & Multiple IP Addresses

Comment
March 9, 2022 Didier Stevens

Quick & Dirty Shellcode Analysis – CVE-2017-11882

Tools: oledump.py, xorsearch, scdbg

ISC Diary Entry: A Good Old Equation Editor Vulnerability Delivering Malware

Sample: c82724520ee5ffbcc6ee13c76d004aa903c2f70c93c505df87fe46e5e8cc53a9

Comment
March 9, 2022 Didier Stevens

Posts navigation

← Older posts
Newer posts →
Blog at WordPress.com.
Didier Stevens Videos
Blog at WordPress.com.
  • Follow Following
    • Didier Stevens Videos
    • Already have a WordPress.com account? Log in now.
    • Didier Stevens Videos
    • Customize
    • Follow Following
    • Sign up
    • Log in
    • Report this content
    • View site in Reader
    • Manage subscriptions
    • Collapse this bar
 

Loading Comments...