Your new best friend: Introducing BloodHound Community Edition!

Kurt Natvig explains how he recompiled malicious VBA macro code to valid harmless Python 3.x code.

In this video walkthrough, we covered some sysinternal tools from Microsoft that can be used to investigate the presence of malware.
#Microsoft
#sysinternals
----
Answers
https://motasem-notes.net/malware-hunting-with-microsoft-sysintenals-tools-tryhackme/…

YARA rules are used to classify and identify malware samples by creating descriptions of malware families based on textual or binary patterns.

Analyzing malware written in Go: recovering function names in stripped Go binaries and defining strings within Ghidra for reverse engineers.

Standard collection of rules for capa: the tool for enumerating the capabilities of programs - GitHub - mandiant/capa-rules: Standard collection of rules for capa: the tool for enumerating the capa...

Boris Larin, security researcher at Kaspersky's GReAT, demonstrates how to setup debugging, how to use WinDBG (+how to solve common problems), and analyses the latest Windows 0day CVE-2021-28310.

The article was prepared by BI.ZONE Cyber Threats Research Team

Blue team training platform for SOC analysts, threat hunters, DFIR, and security blue teams to advance CyberDefense skills.

A series of posts about QEMU internals: . Contribute to airbus-seclab/qemu_blog development by creating an account on GitHub.

Godzilla Vs. Kong Vs … Ghidra? - Ghidra Scripting, PCode Emulation and Password Cracking

This article will analyze EKANS Ransomware. It will go over how to reverse engineer a Golang binary and describe the ppular obfuscation tool, Gobfuscate.

Demo. Contribute to mgrube/JavaProcessInject development by creating an account on GitHub.

Through dynamic loading malware authors can covertly load malicious code into their application in order to avoid detection. We can detect such loading...

Last March, Roberto Amado and I (Víctor Calvo) gave a talk at RootedCON 2020 titled Sandbox fingerprinting: Avoiding analysis environments. The talk consisted of two parts, the first of which dealt with classifying public sandbox environments for malware…