Zen & the Art of Digital Forensics
Forensic investigations are an intense and detail-oriented field where accuracy and efficiency are paramount. However, the constant pressure can often lead to stress and burnout. Whether dealing wi…
on Sun, 4PM
mStrings: A Practical Approach to Malware String Analysis
String analysis is a cornerstone of malware investigation, revealing embedded commands, URLs, and other artifacts that can expose a threat’s intent. mStrings, a Rust-based tool, simplifies this pro…
on Mar 14
MalChela Updates: New Features and Enhancements
It’s been just over a week since MalChela was initially released and already there have been a number of updates. mStrings In the previous post, I walked through the new mStrings function. I think t…
on Mar 14
MalChela – A YARA and Malware Analysis Toolkit written in Rust
Saturday was for Python. Sunday was for Rust. After my success with the Python + YARA + Hashing, I decided to take things to the next level. Over the past few years I’ve created a number of P…
on Mar 9
Creating custom hash sets with YARA and Python
I don’t like to brag, he said, but you should see the size of my malware library. For a recent project, I wanted to produce a hash set for all the malware files in my repository. Included in …
on Mar 1
Exploring Magnet Virtual Summit 2025 CTF Challenges, Part II (Windows)
This is part II of this series; for part I see Exploring Magnet Virtual Summit 2025 CTF Challenges (iOS). If we jump into Axiom and head to the User Accounts, we can see that the SID for chick is S…
on Feb 27
Exploring Magnet Virtual Summit 2025 CTF Challenges (iOS)
A couple weeks ago, I participated in the Magnet Virtual Summit 2025 CTF (Capture the Flag). While I don’t think I will ever see a day where I win one of these, (speed is not my forte), I enj…
on Feb 24
Upcoming talks at Magnet Virtual Summit 2025
Just two more weeks to the Magnet Virtual Summit 2025! If you’ve been procrastinating on registering, don’t miss out. It’s completely free! The conference is scheduled for February 10th through the…
on Jan 31
Book Review: Cloud Forensics Demystified
At this point, we’ve all heard the expression ‘There is no cloud; It’s just someone else’s computer.’ While there is some truth to that, there are some fundamental dif…
on Oct 7
Beyond Hashes: Simplifying Malware Identification with Python and MpCmdRun
In an earlier post titled “Growing Your Malware Corpus”, I outlined methods for building a comprehensive test corpus of malware for detection engineering. It covers using sources like VX-Undergroun…
on Sep 21
Installing the latest SIFT Workstation in WSL
If you’re like me and have your favorite forensic tools for Linux, and your favorite tools for Windows, you can run them both on the same machine without having to diminish resources with the…
on Jun 3
MAGNET Virtual Summit 2024 Capture the Flag
I’ve been participating in the MAGNET sponsored Capture the Flag (CTF) events since before being happily employed there. In a way you could say that one helped facilitate the other, but that…
on Mar 12, 2024