Here is an overview of content I published in March:

Blog posts: Update: oledump.py Version 0.0.64 New Tool: xlsbdump.py spring4shell Capture File YouTube videos: TShark & Multiple IP Addresses Maldoc Cleaned by Anti-Virus Videoblog posts: YARA?s Console Module MSBuild & Cobalt Strike Quick & Dirty Shellcode Analysis ? CVE-2017-11882 TShark & Multiple IP Addresses Maldoc Cleaned by Anti-Virus SANS ISC Diary entries: TShark & Multiple IP Addresses oledump’s Extra Option Video: TShark & Multiple IP Addresses ICMP Messages: Original Datagram Field YARA 4.2.0 Released Curl on Windows SolarWinds Advisory: Unauthenticated Access in Web Help Desk (12.7.5) MGLNDD_* Scans Maldoc Cleaned by Anti-Virus Wireshark 3.6.3 Released Video: Maldoc Cleaned by Anti-Virus Quickie: Parsing XLSB Documents NVISO blog posts: Cobalt Strike: Memory Dumps – Part 6 Cobalt Strike: Overview – Part 7 NVISO Videos: Using Known Private Keys To Decrypt Traffic Using Process Memory To Decrypt Traffic Dealing With Obfuscated Traffic And Process Memory Decrypting DNS Traffic

Here is an overview of content I published in February:

Blog posts: Update: jpegdump.py Version 0.0.9 Windows Explorer: Improper Exif Data Removal Beta: smtp-honeypot.py Update: oledump.py Version 0.0.63 Update: 1768.py Version 0.0.12 YouTube videos: YARA’s Console Module Quick & Dirty Shellcode Analysis – CVE-2017-11882 SANS ISC Diary entries: Power over Ethernet and Thermal Imaging Wireshark 3.6.2 Released Video: YARA’s Console Module Sending an Email to an IPv4 Address? Windows, Fixed IPv4 Addresses and APIPA Video: Quick & Dirty Shellcode Analysis – CVE-2017-11882

Here is an overview of content I published in January:

SANS ISC Diary entries: Expect Regressions TShark & jq Extracting Cobalt Strike Beacons from MSBuild Scripts YARA’s Console Module