Date Author Title
2024-12-17Xavier MertensPython Delivering AnyDesk Client as RAT
2024-11-30Xavier MertensFrom a Regular Infostealer to its Obfuscated Version
2024-11-22Xavier MertensAn Infostealer Searching for « BIP-0039 » Data
2024-11-19Xavier MertensDetecting the Presence of a Debugger in Linux
2024-11-07Xavier MertensSteam Account Checker Poisoned with Infostealer
2024-11-05Xavier MertensPython RAT with a Nice Screensharing Feature
2024-09-18Xavier MertensPython Infostealer Patching Windows Exodus App
2024-09-17Xavier Mertens23:59, Time to Exfiltrate!
2024-09-16Xavier MertensManaging PE Files With Overlays
2024-09-13Jesse La GrewFinding Honeypot Data Clusters Using DBSCAN: Part 2
2024-09-11Xavier MertensPython Libraries Used for Malicious Purposes
2024-08-30Jesse La GrewSimulating Traffic With Scapy
2024-08-29Xavier MertensLive Patching DLLs with Python
2024-08-27Xavier MertensWhy Is Python so Popular to Infect Windows Hosts?
2024-08-26Xavier MertensFrom Highly Obfuscated Batch File to XWorm and Redline
2024-08-23Jesse La GrewPandas Errors: What encoding are my logs in?
2024-08-19Xavier MertensDo you Like Donuts? Here is a Donut Shellcode Delivered Through PowerShell/Python
2024-08-16Jesse La Grew[Guest Diary] 7 minutes and 4 steps to a quick win: A write-up on custom tools
2024-07-26Xavier MertensExelaStealer Delivered "From Russia With Love"
2024-07-24Xavier Mertens"Mouse Logger" Malicious Python Script
2024-07-10Jesse La GrewFinding Honeypot Data Clusters Using DBSCAN: Part 1
2024-06-06Xavier MertensMalicious Python Script with a "Best Before" Date
2024-05-31Xavier Mertens"K1w1" InfoStealer Uses gofile.io for Exfiltration
2024-05-30Xavier MertensFeeding MISP with OSSEC
2024-03-13Xavier MertensUsing ChatGPT to Deobfuscate Malicious Scripts
2024-02-20Xavier MertensPython InfoStealer With Dynamic Sandbox Detection
2024-02-08Xavier MertensA Python MP3 Player with Builtin Keylogger Capability
2024-01-25Xavier MertensFacebook AdsManager Targeted by a Python Infostealer
2024-01-19Xavier MertensmacOS Python Script Replacing Wallet Applications with Rogue Apps
2024-01-17Jesse La GrewNumber Usage in Passwords
2024-01-08Jesse La GrewWhat is that User Agent?
2023-12-23Xavier MertensPython Keylogger Using Mailtrap.io
2023-12-22Xavier MertensShall We Play a Game?
2023-12-16Xavier MertensAn Example of RocketMQ Exploit Scanner
2023-11-20Jesse La GrewOverflowing Web Honeypot Logs
2023-10-31Xavier MertensMultiple Layers of Anti-Sandboxing Techniques
2023-09-30Xavier MertensSimple Netcat Backdoor in Python Script
2023-08-25Xavier MertensPython Malware Using Postgresql for C2 Communications
2023-08-23Guy BruneauHow I made a qwerty ?keyboard walk? password generator with ChatGPT [Guest Diary]
2023-08-22Xavier MertensHave You Ever Heard of the Fernet Encryption Algorithm?
2023-08-17Jesse La GrewCommand Line Parsing - Are These Really Unique Strings?
2023-08-11Xavier MertensShow me All Your Windows!
2023-07-28Xavier MertensShellCode Hidden with Steganography
2023-06-20Xavier MertensMalicious Code Can Be Anywhere
2023-04-28Xavier MertensQuick IOC Scan With Docker
2023-03-18Xavier MertensOld Backdoor, New Obfuscation
2023-03-11Xavier MertensOverview of a Mirai Payload Generator
2023-03-01Xavier MertensPython Infostealer Targeting Gamers
2023-02-09Xavier MertensA Backdoor with Smart Screenshot Capability
2022-11-14Jesse La GrewExtracting 'HTTP CONNECT' Requests with Python
2022-10-24Xavier MertensC2 Communications Through outlook.com
2022-10-18Xavier MertensPython Obfuscation for Dummies
2022-09-26Xavier MertensEasy Python Sandbox Detection
2022-09-14Xavier MertensEasy Process Injection within Python
2022-08-19Johannes UllrichWindows Security Blocks UPX Compressed (packed) Binaries
2022-08-18Johannes UllrichHoneypot Attack Summaries with Python
2022-07-20Xavier MertensMalicious Python Script Behaving Like a Rubber Ducky
2022-06-24Xavier MertensPython (ab)using The Windows GUI
2022-05-24Yee Ching Tokctx Python Library Updated with "Extra" Features
2022-04-21Xavier MertensMulti-Cryptocurrency Clipboard Swapper
2022-01-20Xavier MertensRedLine Stealer Delivered Through FTP
2022-01-07Xavier MertensCustom Python RAT Builder
2022-01-06Xavier MertensMalicious Python Script Targeting Chinese People
2021-12-10Xavier MertensPython Shellcode Injection From JSON Data
2021-12-01Xavier MertensInfo-Stealer Using webhook.site to Exfiltrate Data
2021-08-30Xavier MertensCryptocurrency Clipboard Swapper Delivered With Love
2021-07-16Xavier MertensMultiple BaseXX Obfuscations
2021-07-08Xavier MertensUsing Sudo with Python For More Security Controls
2021-07-06Xavier MertensPython DLL Injection Check
2021-07-02Xavier Mertens"inception.py"... Multiple Base64 Encodings
2021-06-11Xavier MertensKeeping an Eye on Dangerous Python Modules
2021-05-31Rick WannerQuick and dirty Python: nmap
2021-05-04Rick WannerQuick and dirty Python: masscan
2021-04-29Xavier MertensFrom Python to .Net
2021-04-09Xavier MertensNo Python Interpreter? This Simple RAT Installs Its Own Copy
2021-04-02Xavier MertensC2 Activity: Sandboxes or Real Victims?
2021-03-18Xavier MertensSimple Python Keylogger
2020-12-10Xavier MertensPython Backdoor Talking to a C2 Through Ngrok
2020-11-20Xavier MertensMalicious Python Code and LittleSnitch Detection
2020-11-09Xavier MertensHow Attackers Brush Up Their Malicious Scripts
2020-10-20Xavier MertensMirai-alike Python Scanner
2020-10-14Xavier MertensNicely Obfuscated Python RAT
2020-09-18Xavier MertensA Mix of Python & VBA in a Malicious Word Document
2020-09-03Xavier MertensSandbox Evasion Using NTP
2020-09-02Xavier MertensPython and Risky Windows API Calls
2020-08-18Xavier MertensUsing API's to Track Attackers
2020-07-30Johannes UllrichPython Developers: Prepare!!!
2019-10-29Xavier MertensGenerating PCAP Files from YAML
2018-11-26Russ McReeViperMonkey: VBA maldoc deobfuscation
2017-11-23Xavier MertensProactive Malicious Domain Search
2017-10-05Johannes Ullrichpcap2curl: Turning a pcap file into a set of cURL commands for "replay"
2017-08-22Xavier MertensDefang all the things!
2017-04-19Xavier MertensHunting for Malicious Excel Sheets
2017-01-12Mark BaggettSystem Resource Utilization Monitor
2017-01-01Didier Stevenspy2exe Decompiling - Part 1
2016-11-27Russ McReeScapy vs. CozyDuke
2016-07-25Didier StevensPython Malware - Part 4
2016-07-16Didier StevensPython Malware - Part 3
2016-05-15Didier StevensPython Malware - Part 1
2014-12-04Mark BaggettAutomating Incident data collection with Python
2011-02-21Adrien de BeaupreWhat’s New, it's Python 3.2
2010-08-15Manuel Humberto Santander PelaezPython to test web application security
2010-06-14Manuel Humberto Santander PelaezPython on a microcontroller?
2010-03-30Marcus SachsZigbee Analysis Tools
2010-02-17Rob VandenBrinkMultiple Security Updates for ESX 3.x and ESXi 3.x
2009-05-25Jim ClausingMore tools for (US) Memorial Day