Forensic Blogs

An aggregator for digital forensics blogs

by

Overview of Content Published in March

Here is an overview of content I published in March:

Blog posts:

Update: pdf-parser.py Version 0.7.1 Analyzing a Phishing PDF with /ObjStm Update: re-search.py Version 0.0.13 Update: oledump.py Version 0.0.42 Maldoc: Excel 4.0 Macro Quickpost: PDF Tools Download Feature Update: pecheck.py Version 0.7.6

YouTube videos:

Analyzing a Phishing PDF with /ObjStm Maldoc: Excel 4.0 Macro Maldoc Analysis: Excel 4.0 Macro

Videoblog posts:

Analyzing a Phishing PDF with /ObjStm Maldoc: Excel 4.0 Macro Maldoc Analysis: Excel 4.0 Macro

SANS ISC Diary entries:

Quick and Dirty Malicious HTA Analysis Wireshark 3.0.0 and Npcap Tip: Ghidra & ZIP Files Maldoc: Excel 4.0 Macros Video: Maldoc Analysis: Excel 4.0 Macro Wireshark 3.0.0 and Npcap: Some Remarks “VelvetSweatshop” Maldocs Decoding QR Codes with Python “VelvetSweatshop” Maldocs: Shellcode Analysis “404” is not Malware

by

Title: Overview of Content Published in February

Here is an overview of content I published in February:

Blog posts:

Update: cut-bytes.py Version 0.0.9 Update: oledump.py Version 0.0.41 Update: translate.py Version 2.5.5 Update: pdf-parser.py Version 0.7.0

YouTube videos:

Analyzing a Simple HTML Phishing Attachment Maldoc Analysis of the Weekend Finding Property Values in Office Documents PDF: Stream Objects (/ObjStm)

Videoblog posts:

Analyzing a Simple HTML Phishing Attachment Maldoc Analysis of the Weekend Finding Property Values in Office Documents PDF: Stream Objects (/ObjStm)

SANS ISC Diary entries:

Video: Analyzing a Simple HTML Phishing Attachment Maldoc Analysis of the Weekend Video: Maldoc Analysis of the Weekend Have You Seen an Email Virus Recently? Finding Property Values in Office Documents Video: Finding Property Values in Office Documents Know What You Are Logging Identifying Files: Failure Happens Sextortion Email Variant: With QR Code Maldoc Analysis by a Reader

by

Overview of Content Published in January

Here is an overview of content I published in January:

Blog posts:

Update: msoffcrypto-crack.py Version 0.0.2 Update: msoffcrypto-crack.py Version 0.0.3

YouTube videos:

msoffcrypto-crack

Videoblog posts:

msoffcrypto-crack

SANS ISC Diary entries:

Make a Wheel in 2019! Maldoc with Nonfunctional Shellcode A Malicious JPEG? A Malicious JPEG? Second Example Malicious .tar Attachments Analyzing Encrypted Malicious Office Documents Quick Maldoc Analysis Suspicious GET Request: Do You Know What This Is? Video: Analyzing Encrypted Malicious Office Documents