Continuous Threat Exposure Management
I recently earned a certificate in exposure management and here’s some of the key takeaways. Cyber teams now have a broad attack surface with assets ranging from on-prem to IoT and cloud...
20 posts
Continued series from the Malware Development for Ethical Hackers Book. GitHub repo: EricTurner3 – Malware_Development. Opcode / Assembly Obfuscation The main point of opcode obfuscation is to...
Continued series from the Malware Development for Ethical Hackers Book. GitHub repo: EricTurner3 – Malware_Development. Filesystem Detection Techniques VirtualBox Machine Detection The book...
Continued series from the Malware Development for Ethical Hackers Book. GitHub repo: EricTurner3 – Malware_Development. Detecting Debugger IsDebuggerPresent() /* Anti-Debugging - Check for...
Continued series from the Malware Development for Ethical Hackers Book. GitHub repo: EricTurner3 – Malware_Development. This chapter contains methods to achieve persistence of malware in Windows....
Continued series from the Malware Development for Ethical Hackers Book. GitHub repo: EricTurner3 - Malware_Development. This chapter contains methods to achieve persistence of malware in Windows....
Continued series from the Malware Development for Ethical Hackers Book. The first part of this chapter deals with process and DLL injection. I will break the APC injection and API hooking Process...
I recently picked up several new books from Packt, including Malware Development for Ethical Hackers. This book aims to demonstrate some of the techniques seen in malware, and showcase writing...
Analysis of a sample from Malware bazaar: MalwareBazaar | SHA256 a01d53662d83c31a5b4478bc57fc4fee1ba9d4f6178a94a107c472133adea368 (Mirai) Stage 1 The initial download is a linux script in...
This investigation is currently active on HackTheBox, and is therefore required to be password protected. You will need to wait until the investigation is retired for the full solution, or if you have...
While working on a sherlock from HackTheBox, I researched a tactic of threat actors abusing the Microsoft driver signing process to allow their malware to be digitally signed by Microsoft. General...
I've spent the past few weeks tackling TryHackMe's Advent of Cyber 2024. Some of my favorite challenges were: Day 1 OPSEC, searching online to try and find similar strings via GitHub to link back...
Correspondence Sender Subject Attachment Name Attachment Hash (with VirusTotal link) clemke[@]e-chuppah[.]com RE: New Borrowers AK.pdf...
Initial Email An email was discovered from comel[@]industry-mass[.]com. This site was created within the last 15 days. The email was titled Tax return 2022 and contained a .docx file. Opening this...
A friend sent me a strange message she got with the following link: Thanks government, for giving me my money back on some strange link Attempt 1: www I booted into my REMnux VM and turned on Burp...
I find often I like doing automations between apps. While you can use the Open App functionality with Shortcuts, trying to open an app from something like a Reminder requires a URL. This guide...
Wordle Share Grid I've been seeing posts for this wordle game on my facebook, and it seems to be alight on Twitter as well. I decided to try the game today and was able to get it on my fourth try!...
SHA256 Hash: 1ffd6559d21470c40dcf9236da51e5823d7ad58c93502279871c3fe7718c901c I searched the daily list of MalShare.com and pulled a random hash for investigation today, downloaded through my...
See here on my post on creating your own Malware Analysis lab! I created an account on VirusShare to download some malware samples. I downloaded the first one so let's dive in and see what we can...
I decided to try and get into my own malware analysis, but I needed to create my own lab for safe testing. I wanted to outline how I set mine up. Update 2 Mar 2022: I migrated from VirtualBox to...