An aggregator for digital forensics blogs
This is an update of my tool to analyze Cobalt Strike beacons.
Option -l can be used to generate YARA rules to search for Cobalt Strike beacons with a given license ID.
1768_v0_0_4.zip (https)
MD5: 35779393F2DC6171731446F8E0AC361B
SHA256: 59148C2DA13BE4DB203F9444E837911476BDE74E41E5A82C865E9729101336D2
This is an update to my tool base64dump.py: a tool to detect and decode encodings like base64, hexadecimal, …
A new decoding option was added with version 0.0.13: dec (decimal).
base64dump_V0_0_13.zip (https)
MD5: B322C1E55108FB1559009FC4C1CF12DE
SHA256: EE6527B4F558439916D9854980D6980EECA9F130F37BBF4034453ABBD8BF3260
This is a Python 3 bug fix version of my tool to analyze ZIP files.
zipdump_v0_0_21.zip (https)
MD5: 9B2839C1028FA5D07F2E07FDB56306D9
SHA256: 48653BB2B3009241C4C536BF64D16A6DFDA4B66D6658EC6BCFA79647AE4D5FA8