Here is an overview of content I published in August:

Blog posts:

Update: pdf-parser.py Version 0.7.2 Downloading Executables Over DNS: Capture Files

YouTube videos:

Analyzing DAA Files

SANS ISC Diary entries:

Nmap Defcon Release: 7.80 Malicious .DAA Attachments Analysis of a Spearphishing Maldoc The DAA File Format Video: Analyzing DAA Files Compressed ISO Files (ISZ)

NVISO blog posts:

Extracting Certificates From the Windows Registry

Here is an overview of content I published in July:

Blog posts:

Quickpost: nslookup Types Update: format-bytes.py Version 0.0.9 Quickpost: tcp-honeypot.py & Browser Tests

YouTube videos:

Analyzing Compressed PowerShell Scripts

Videoblog posts:

Analyzing Compressed PowerShell Scripts

SANS ISC Diary entries:

Maldoc: Payloads in User Forms A “Stream O” Maldoc Machine Code? Malicious XSL Files Machine Code? No! isodump.py and Malicious ISO Files Malicious RTF Analysis CVE-2017-11882 by a Reader Analyzing Compressed PowerShell Scripts A Python TCP proxy Video: Analyzing Compressed PowerShell Scripts Recognizing ZLIB Compression

Here is an overview of content I published in June:

Blog posts:

Update: sets.py Version 0.0.3 Quickpost: C Random Functions in Other Languages Update: virustotal-search.py Version 0.1.5 New Tool: amsiscan.py

SANS ISC Diary entries:

Tip: BASE64 Encoded PowerShell Scripts are Recognizable by the Amount of Letter As Tip: Sysmon Will Log DNS Queries Sysmon Version 10: DNS Logging

NVISO blog posts:

Solving a CTF challenge: Exploiting a Buffer Overflow (video) Malicious SYLK Files with MS Excel 4.0 Macros