Announcement Archives | Forensic Blogs

June 30, 2019 by Didier Stevens

Overview of Content Published in June

Here is an overview of content I published in June:

Blog posts:

Update: sets.py Version 0.0.3 Quickpost: C Random Functions in Other Languages Update: virustotal-search.py Version 0.1.5 New Tool: amsiscan.py

SANS ISC Diary entries:

Tip: BASE64 Encoded PowerShell Scripts are Recognizable by the Amount of Letter As Tip: Sysmon Will Log DNS Queries Sysmon Version 10: DNS Logging

NVISO blog posts:

Solving a CTF challenge: Exploiting a Buffer Overflow (video) Malicious SYLK Files with MS Excel 4.0 Macros

May 31, 2019 by Didier Stevens

Overview of Content Published in May

Here is an overview of content I published in May:

Blog posts:

Quickpost: Retrieving an SSL Certificate with nmap WebDAV, NTLM & Responder DSSuite: A Docker Container With My Tools Update: zipdump Version 0.0.15 Update: hex-to-bin.py Version 0.0.2

YouTube videos:

nmap Service Detection Customization

Videoblog posts:

Analysis of PDFs Created with OpenOffice/LibreOffice nmap Service Detection Customization

SANS ISC Diary entries:

VBA Office Document: Which Version? Text and Text Do You Remember the SUBST Command? Video: nmap Service Detection Customization nmap Service Fingerprint Office Document & BASE64? PowerShell! Analyzing First Stage Shellcode Retrieving Second Stage Payload with Ncat

NVISO blog posts:

Detecting and Analyzing Microsoft Office Online Video

May 26, 2019 by Didier Stevens

DSSuite: A Docker Container With My Tools

I want to thank Xavier Mertens for creating a Docker container with my tools (GitHub): DSSuite.

Details can be found in ISC diary entry “DSSuite – A Docker Container with Didier’s Tools“.