Here is an overview of content I published in October:

Blog posts:

KEIHash: Fingerprinting SSH Release: Python Tool Templates New tool: decompress_rtf.py Update: pdf-parser.py Version 0.6.9 Update: oledump.py Version 0.0.38 Analyzing PowerPoint Maldocs with oledump Plugin plugin_ppt Update: file-magic.py Version 0.0.3 Update: file-magic.py Version 0.0.4 Update: format-bytes.py Version 0.0.6

SANS ISC Diary entries:

Decoding Custom Substitution Encodings with translate.py Developing YARA Rules: a Practical Example YARA: XOR Strings YARA XOR Strings: Some Remarks Maldoc: Once More It’s XOR CyberChef: BASE64/XOR Recipe MSG Files: Compressed RTF Detecting Compressed RTF Maldoc Duplicating PowerShell Prior to Use

Here is an overview of content I published in September:

Blog posts:

Firmware Upgrade: WiFi Pineapple NANO WiFi Pineapple NANO: Persistent Recon DB Quickpost: Compiling EXEs and Resources with MinGW on Kali Update: pecheck.py Version 0.7.4 Quickpost: Signing Windows Executables on Kali

YouTube videos:

Using scdbg to analyze shellcode When DOSfuscation Helps…

Videoblog posts:

Maldoc with DOSfuscation: example 2 Using scdbg to analyze shellcode

SANS ISC Diary entries:

Another quickie: Using scdbg to analyze shellcode Video: Using scdbg to analyze shellcode “What is dikona or glirote3?” User Agent String “$ua.tools.random()” ? ! 20/20 malware vision Suspicious DNS Requests … Issued by a Firewall Analyzing Encoded Shellcode with scdbg When DOSfuscation Helps…