Here is an overview of content I published in November:

Blog posts:

Quickpost: Using pcapy with Npcap on Windows Update: hash.py Version 0.0.6 Update: cut-bytes.py Version 0.0.8 Video: Analyzing PowerPoint Maldocs with oledump Plugin plugin_ppt Quickpost: Compiling 32-bit Static ELF Files on Kali Quickpost: Compiling with Build Tools for Visual Studio 2017

YouTube videos:

oledump: plugin_ppt CyberChef: BASE64/XOR Recipe Dissecting a CVE-2017-11822 Exploit

SANS ISC Diary entries:

Windows Defender’s Sandbox TriJklcj2HIUCheDES decryption failed? Dissecting a CVE-2017-11882 Exploit Video: CyberChef: BASE64/XOR Recipe Wireshark update 2.6.5 available Video: Dissecting a CVE-2017-18822 Exploit (correction: CVE-2017-11822)

Here is an overview of content I published in October:

Blog posts:

KEIHash: Fingerprinting SSH Release: Python Tool Templates New tool: decompress_rtf.py Update: pdf-parser.py Version 0.6.9 Update: oledump.py Version 0.0.38 Analyzing PowerPoint Maldocs with oledump Plugin plugin_ppt Update: file-magic.py Version 0.0.3 Update: file-magic.py Version 0.0.4 Update: format-bytes.py Version 0.0.6

SANS ISC Diary entries:

Decoding Custom Substitution Encodings with translate.py Developing YARA Rules: a Practical Example YARA: XOR Strings YARA XOR Strings: Some Remarks Maldoc: Once More It’s XOR CyberChef: BASE64/XOR Recipe MSG Files: Compressed RTF Detecting Compressed RTF Maldoc Duplicating PowerShell Prior to Use