Overview of Content Published in March
Here is an overview of content I published in March:
Blog posts:
Update: oledump.py Version 0.0.64
New Tool: xlsbdump.py
spring4shell Capture File
YouTube videos:
TShark & Multiple IP Addresses
Maldoc Cleaned by Anti-Virus
Videoblog posts:
YARA’s Console Module
MSBuild & Cobalt Strike
Quick & Dirty Shellcode Analysis – CVE-2017-11882
TShark & Multiple IP Addresses
Maldoc Cleaned by Anti-Virus
SANS ISC Diary entries:
TShark & Multiple IP Addresses
oledump’s Extra Option
Video: TShark & Multiple IP Addresses
ICMP Messages: Original Datagram Field
YARA 4.2.0 Released
Curl on Windows
SolarWinds Advisory: Unauthenticated Access in Web Help Desk (12.7.5)
MGLNDD_* Scans
Maldoc Cleaned by Anti-Virus
Wireshark 3.6.3 Released
Video: Maldoc Cleaned by Anti-Virus
Quickie: Parsing XLSB Documents
NVISO blog posts:
Cobalt Strike: Memory Dumps – Part 6
Cobalt Strike: Overview – Part 7
NVISO Videos:
Using Known Private Keys To Decrypt Traffic
Using Process Memory To Decrypt Traffic
Dealing With Obfuscated Traffic And Process Memory
Decrypting DNS Traffic