Didier Stevens

Thursday 1 November 2007

Announcing Quickposts

Filed under: Announcement — Didier Stevens @ 18:55

From now on, I’ll intersperse my blog with Quickposts.

I’ve a need to post short tips and tricks, mainly for my own reference. These Quickposts will document solutions for small problems I encountered during my work or research. I could also use a Quickpost to announce a discovery I don’t plan to research extensively.
The main characteristic of Quickposts will be the limited amount of time and research I spend on them, hence the quality of the content will suffer.

Quickposts have their own Quickpost category, the title will always start with Quickpost:, and if a Quickpost requires updating (to correct errors), I will edit the post instead of publishing a new Quickpost.

The first Quickpost will be about installing Kismet on my N800.

Of course, I stay committed to my weekly posts.

107 Comments »

  1. […] kismet Quickpost info […]

    Pingback by Quickpost: Installing Kismet on a N800 « Didier Stevens — Friday 2 November 2007 @ 8:37

  2. […] So why would you disable ASLR? I don’t know, I just think it’s a funny trick . But maybe you got an idea? Let me know, post a comment. Quickpost info […]

    Pingback by Quickpost: Another Funny Vista Trick with ASLR « Didier Stevens — Tuesday 20 November 2007 @ 8:06

  3. […] Quickpost: Restoring Safe Mode with a .REG File for Windows 2000 SP4 Professional Filed under: Uncategorized — Didier Stevens @ 11:00 I added the SafeBoot registry keys for Windows 2000 SP4 Professional to the zip file and updated the post. Quickpost info […]

    Pingback by Quickpost: Restoring Safe Mode with a .REG File for Windows 2000 SP4 Professional « Didier Stevens — Sunday 9 December 2007 @ 11:00

  4. […] UEME_RUNPATH UEME_CTLCUACount:ctor UEME_CTLSESSION UEME_RUNPIDL UEME_RUN Quickpost info […]

    Pingback by Quickpost: Windows Server 2008 UserAssist Keys « Didier Stevens — Tuesday 8 January 2008 @ 21:19

  5. […] launch the copy from a BAT file Quickpost info […]

    Pingback by Quickpost: GUI vs. CUI « Didier Stevens — Monday 14 January 2008 @ 9:48

  6. […] You can download both PDF files here. Quickpost info […]

    Pingback by Quickpost: About the Physical and Logical Structure of PDF Files « Didier Stevens — Wednesday 9 April 2008 @ 7:03

  7. […] Quickpost info […]

    Pingback by Quickpost: Linux Kernel Joke « Didier Stevens — Wednesday 16 April 2008 @ 9:30

  8. […] the embedded file over several subs, to accommodate for the size limitation of Office VBscripts. Quickpost info Possibly related posts: (automatically generated)Office 2007 and OE Spell […]

    Pingback by Quickpost: Embedding an Executable in a VBscript « Didier Stevens — Monday 9 June 2008 @ 11:56

  9. […] I’ve a couple of other AirPcap programs written in Python (like one to monitor probe requests). If there’s enough interest, I’ll clean up the code and publish it. Be aware that you need an AirPcap adapter for all these programs. Quickpost info […]

    Pingback by Quickpost: WiFi Channel Hopping with an AirPcap Adapter « Didier Stevens — Tuesday 10 June 2008 @ 9:27

  10. […] One of your visitors certainly uses the Firesomething Firefox add-on! Quickpost info […]

    Pingback by Quickpost: PyroMenagerie « Didier Stevens — Wednesday 3 September 2008 @ 15:46

  11. […] Quickpost info […]

    Pingback by Quickpost: WiFi Antenna With 360° Servo « Didier Stevens — Monday 22 September 2008 @ 10:18

  12. […] If you convert CredView to a DLL and inject it in the LSA process, you’ll be able to retrieve the passwords. This is exactly what Cain & Abel does. Quickpost info […]

    Pingback by Quickpost: Stored User Names and Passwords « Didier Stevens — Friday 26 September 2008 @ 19:06

  13. […] Quickpost info Possibly related posts: (automatically generated)Wardriving on the EurostarWireless Video Security CameraCanary WiFi Spotter >> StarTech WiFi DetectorWatch Surveillance Camera Footage or DVDs on Unused Television Channels […]

    Pingback by Quickpost: WiFi Availability « Didier Stevens — Sunday 23 November 2008 @ 11:02

  14. […] this particular e-mail provided me some WTF entertainment . Quickpost info Possibly related posts: (automatically generated)Citibank […]

    Pingback by Quickpost: Citibank Phishing E-mails « Didier Stevens — Sunday 30 November 2008 @ 11:28

  15. […] You can use the same procedure to edit other (config) files, or add files like your favorite utilities. Quickpost info […]

    Pingback by Quickpost: Running Backtrack 3 on a Eee PC « Didier Stevens — Tuesday 6 January 2009 @ 20:46

  16. […] So it looks like the AV engines on Virustotal don’t reduce PDF names to a canonical form. Quickpost info […]

    Pingback by Quickpost: /JBIG2Decode Signatures « Didier Stevens — Sunday 1 March 2009 @ 20:17

  17. […] Python program to generate these PoC PDF documents here, it needs the mPDF module of my PDF-tools. Quickpost info Possibly related posts: (automatically generated)PDF Stream ObjectsUsing DLE In An […]

    Pingback by Quickpost: /JBIG2Decode Essentials « Didier Stevens — Monday 2 March 2009 @ 23:12

  18. […] Vimeo and hires Xvid. Quickpost info Possibly related posts: (automatically generated)Quickpost: /JBIG2Decode EssentialsThree […]

    Pingback by Quickpost: /JBIG2Decode Trigger Trio « Didier Stevens — Wednesday 4 March 2009 @ 14:36

  19. […] hidden in object streams (/ObjStm) and could render a document unreadable if encryption is used. Quickpost info Comments […]

    Pingback by Quickpost: Disarming a PDF File « Didier Stevens — Wednesday 29 April 2009 @ 16:53

  20. […] Quickpost info Comments (0) […]

    Pingback by Quickpost: Using Your Poken as a Lowcost LF RFID Detector « Didier Stevens — Monday 4 May 2009 @ 0:05

  21. […] C5FCE76443549C3A8882B799B6F7A754EF6AEE5F11F3E94FF255EE541205C17B Quickpost info Possibly related posts: (automatically generated)FileGen « Didier StevensAnalyzing a Suspect […]

    Pingback by Quickpost: Disinformational Tweets « Didier Stevens — Sunday 10 May 2009 @ 12:57

  22. […] Quickpost info Comments (0) […]

    Pingback by Quickpost: Sending WiFi Beacon Frames with an AirPcap Adapter « Didier Stevens — Monday 1 June 2009 @ 10:29

  23. […] the latest issue of (IN)SECURE Magazine on how malicious PDFs could infect without getting opened. Quickpost info Possibly related posts: (automatically generated)Quickpost: Back from Black Hat Europe […]

    Pingback by Quickpost: PDF Security Tidbits « Didier Stevens — Saturday 6 June 2009 @ 14:57

  24. […] I’m able to run the simple example successfully. Quickpost info Leave a […]

    Pingback by Quickpost: Arduino XBee Shield Series 2 Configuration « Didier Stevens — Wednesday 24 June 2009 @ 14:37

  25. […] 1, 197, 5).ChangeFPS(25) Quickpost info Leave a […]

    Pingback by Quickpost: Time Lapse Photography With a Nokia Mobile « Didier Stevens — Monday 29 June 2009 @ 2:22

  26. […] challenged, say your laptop was infected with a virus from that damned hotel’s WiFi network. Quickpost info Leave a […]

    Pingback by Quickpost: TrueCrypt’s Boot Loader Screen Options « Didier Stevens — Monday 13 July 2009 @ 0:28

  27. […] 042FA2CE1F5AEBD433D59B9D4755783E6CE58014FE59086C6A2A8E8781C63B45 Quickpost info Possibly related posts: (automatically generated)Looking for N800 Beta Testers, No Voyeurs Please […]

    Pingback by Quickpost: More Picture-Taking with Python « Didier Stevens — Tuesday 21 July 2009 @ 9:25

  28. […] Quickpost info Leave a Comment […]

    Pingback by Quickpost: Ardubot Programming « Didier Stevens — Sunday 23 August 2009 @ 14:15

  29. […] you’re actually blowing into the alcohol gas sensor. For example a gas pressure sensor. Quickpost info Leave a […]

    Pingback by QuickPost: Arduino + Alcohol Gas Sensor + WiShield + LCD « Didier Stevens — Wednesday 9 September 2009 @ 20:07

  30. […] SelectMyParent version 0.0.0.1 is available here. Quickpost info […]

    Pingback by Quickpost: SelectMyParent or Playing With the Windows Process Tree « Didier Stevens — Sunday 22 November 2009 @ 20:37

  31. […] SelectMyParent version 0.0.0.1 is available here. Quickpost info […]

    Pingback by Roy Firestein » Quickpost: SelectMyParent or Playing With the Windows Process Tree — Friday 27 November 2009 @ 5:19

  32. […] be detected. As to why AVG needs to detect EICAR test file droppers, I have no idea… Quickpost info Leave a […]

    Pingback by Quickpost: « Didier Stevens — Friday 4 December 2009 @ 14:58

  33. […] doesn’t support the write-protection tab and always allow the OS to write to the SD card. Quickpost info Leave a […]

    Pingback by Quickpost: Read-Only USB Stick « Didier Stevens — Sunday 20 December 2009 @ 20:52

  34. […] can be downloaded on the PDF Tools page. Quickpost info Possibly related posts: (automatically generated)Update: pdf-parser Version 0.3.5 Leave a […]

    Pingback by Quickpost: New Versions of PDFiD and pdf-parser « Didier Stevens — Wednesday 13 January 2010 @ 21:55

  35. […] Quickpost info Possibly related posts: (automatically generated)Excel Exercises in Style Leave a Comment […]

    Pingback by Quickpost: Shellcode to Load a DLL From Memory « Didier Stevens — Thursday 28 January 2010 @ 3:09

  36. […] not because it looks for them, but because it builds a whitelist in training mode. Quickpost info Leave a […]

    Pingback by Quickpost: Quasi-Tautologies & SQL-Injection « Didier Stevens — Tuesday 2 February 2010 @ 9:54

  37. […] here. Quickpost info Leave a […]

    Pingback by Quickpost: NetworkMashup.xls « Didier Stevens — Monday 1 March 2010 @ 6:12

  38. […] only is the dialog box fixed, but the /Launch action is also disabled by default. Quickpost info Possibly related posts: (automatically generated)Escape From PDFSoldier Imprisoned as […]

    Pingback by Quickpost: No Escape From PDF « Didier Stevens — Tuesday 29 June 2010 @ 18:41

  39. […] -d LNK-CPL-CVE-2010-2568.ndb -l scan.log -r c: Quickpost info Leave a […]

    Pingback by Quickpost: 2 .LNK Tools « Didier Stevens — Sunday 8 August 2010 @ 10:52

  40. […] Quickpost info Leave a Comment […]

    Pingback by Quickpost: « Didier Stevens — Wednesday 18 August 2010 @ 10:43

  41. […] will also prevent DLLs from loading from untrusted sources in the case of DLL Preloading exploits. Quickpost info Possibly related posts: (automatically generated)Mitigating .LNK Exploitation With Ariad […]

    Pingback by Quickpost: Ariad & DLL Preloading « Didier Stevens — Thursday 26 August 2010 @ 12:11

  42. […] Quickpost info Leave a Comment LikeBe the first to like this post.Leave a Comment » […]

    Pingback by Quickpost: Adobe Reader X « Didier Stevens — Friday 19 November 2010 @ 18:03

  43. […] Quickpost info Leave a Comment LikeBe the first to like this post. […]

    Pingback by Quickpost: "It Does No Harm…" or Does It? « Didier Stevens — Monday 17 January 2011 @ 0:01

  44. […] Quickpost info Leave a Comment LikeBe the first to like this post. […]

    Pingback by Quickpost: Checking ASLR « Didier Stevens — Tuesday 18 January 2011 @ 11:14

  45. […] Quickpost info Leave a Comment LikeBe the first to like this post. […]

    Pingback by Quickpost: Blocking and Detecting a Teensy Dropper « Didier Stevens — Thursday 14 July 2011 @ 9:58

  46. […] Quickpost info Like this:LikeBe the first to like this post. Leave a Comment […]

    Pingback by Quickpost: CCTV Over UTP « Didier Stevens — Monday 22 August 2011 @ 0:05

  47. […] Quickpost info Like this:LikeBe the first to like this post. Leave a Comment […]

    Pingback by Quickpost: Disassociating the Key From a TrueCrypt System Disk « Didier Stevens — Thursday 9 February 2012 @ 21:05

  48. […] Quickpost info […]

    Pingback by Quickpost: Spiders and CCTV « Didier Stevens — Thursday 15 November 2012 @ 15:13

  49. […] Quickpost info […]

    Pingback by Quickpost: Signed PDF Stego | Didier Stevens — Wednesday 15 May 2013 @ 14:09

  50. […] Quickpost info […]

    Pingback by Quickpost: Rovnix PCAP | Didier Stevens — Sunday 4 August 2013 @ 21:04

  51. […] Quickpost info […]

    Pingback by Quickpost: Proxy Cookies | Didier Stevens — Saturday 24 August 2013 @ 11:20

  52. […] Quickpost info […]

    Pingback by Quickpost: nmap & xml | Didier Stevens — Monday 25 November 2013 @ 20:47

  53. […] it fits in. So thanks to the pointer by my mate Craig Balding I am borrowing Didier Stevens “Quick Post” […]

    Pingback by Subliminal Hacking Quick Posts | Subliminal Hacking — Tuesday 6 January 2015 @ 12:11

  54. […] Quickpost info […]

    Pingback by Quickpost: Metasploit User Agent Strings | Didier Stevens — Monday 16 March 2015 @ 0:01

  55. […] Quickpost info […]

    Pingback by Quickpost: Maldocs: VBA And Pastebin | Didier Stevens — Wednesday 8 April 2015 @ 20:24

  56. […] Quickpost info […]

    Pingback by Quickpost: | Didier Stevens — Thursday 17 November 2016 @ 0:00

  57. […] Quickpost info […]

    Pingback by Quickpost: Dropbox & Alternate Data Streams | Didier Stevens — Monday 30 January 2017 @ 0:00

  58. […] Quickpost info […]

    Pingback by Quickpost: ClamAV and ZIP File Decryption | Didier Stevens — Wednesday 15 February 2017 @ 0:01

  59. […] Quickpost info […]

    Pingback by Quickpost: Using My Bash Bunny To “Snag Creds From A Locked Machine” | Didier Stevens — Thursday 6 April 2017 @ 23:22

  60. […] Quickpost info […]

    Pingback by Quickpost: Infinite Control For Bash Bunny | Didier Stevens — Saturday 8 April 2017 @ 11:25

  61. […] Quickpost info […]

    Pingback by Quickpost: Bash Bunny & Keyboard Layouts | Didier Stevens — Sunday 9 April 2017 @ 12:51

  62. […] Quickpost info […]

    Pingback by Quickpost: Internet Zone IDs | Didier Stevens — Tuesday 9 May 2017 @ 0:00

  63. […] Quickpost info […]

    Pingback by Quickpost: ZIP Password Cracking With John The Ripper | Didier Stevens — Friday 12 May 2017 @ 0:00

  64. […] Quickpost info […]

    Pingback by Quickpost: WCry Killswitch Check Is Not Proxy Aware | Didier Stevens — Saturday 13 May 2017 @ 11:54

  66. […] Quickpost info […]

    Pingback by Quickpost: mimikatz !bsod | Didier Stevens — Friday 7 July 2017 @ 20:31

  67. […] Quickpost info […]

    Pingback by Quickpost: Analyzing .ISO Files Containing Malware | Didier Stevens — Monday 17 July 2017 @ 22:15

  68. […] Quickpost info […]

    Pingback by Quickpost: Trying Out JA3 | Didier Stevens — Sunday 30 July 2017 @ 21:19

  69. […] Quickpost info […]

    Pingback by Quickpost: Using ClamAV On Windows | Didier Stevens — Thursday 24 August 2017 @ 0:01

  70. […] Quickpost info […]

    Pingback by Quickpost: Metasploit PowerShell BASE64 Commands | Didier Stevens — Saturday 26 August 2017 @ 21:39

  71. […] Quickpost info […]

    Pingback by Quickpost: PowerShell Options Order | Didier Stevens — Tuesday 29 August 2017 @ 0:01

  72. […] Quickpost info […]

    Pingback by Quickpost: DllDemo | Didier Stevens — Friday 8 September 2017 @ 0:00

  73. […] Quickpost info […]

    Pingback by Quickpost: Keyboard Setting For pfSense | Didier Stevens — Saturday 9 September 2017 @ 0:00

  74. […] Quickpost info […]

    Pingback by Quickpost: Update: Infinite Control For Bash Bunny | Didier Stevens — Sunday 17 September 2017 @ 16:39

  75. […] Quickpost info […]

    Pingback by Quickpost: GNU Radio On Windows | Didier Stevens — Monday 18 September 2017 @ 20:43

  76. […] Quickpost info […]

    Pingback by Quickpost: Creating A Simple Flow Graph With GNU Radio Companion | Didier Stevens — Tuesday 19 September 2017 @ 0:00

  77. […] Quickpost info […]

    Pingback by Quickpost: Mimikatz DCSync Detection | Didier Stevens — Sunday 8 October 2017 @ 22:40

  78. […] Quickpost info […]

    Pingback by Quickpost: Data Exfiltration With Tor Browser And Domain Fronting | Didier Stevens — Saturday 20 January 2018 @ 23:46

  79. […] Quickpost info […]

    Pingback by Quickpost: Retrieving Malware Via Tor On Windows | Didier Stevens — Sunday 21 January 2018 @ 22:46

  80. […] Quickpost info […]

    Pingback by Quickpost: Code To Connect To Tor Onion Service | Didier Stevens — Saturday 3 February 2018 @ 20:16

  81. […] Quickpost info […]

    Pingback by Quickpost: Remote Shell On Windows Via Tor Onion Service | Didier Stevens — Monday 5 February 2018 @ 0:01

  82. […] Quickpost info […]

    Pingback by Quickpost: Using nmap With Tallow (Tor proxy) | Didier Stevens — Monday 26 February 2018 @ 0:00

  83. […] Quickpost info […]

    Pingback by Quickpost: Using Suricata on Windows | Didier Stevens — Tuesday 27 March 2018 @ 0:00

  84. […] Quickpost info […]

    Pingback by Quickpost: John & Dummy Hashes | Didier Stevens — Wednesday 6 June 2018 @ 0:00

  85. […] Quickpost info […]

    Pingback by Quickpost: Decoding Certutil Encoded Files | Didier Stevens — Wednesday 27 June 2018 @ 0:00

  86. […] Quickpost info […]

    Pingback by Quickpost: Compiling DLLs with MinGW on Kali | Didier Stevens — Tuesday 10 July 2018 @ 0:00

  87. […] Quickpost info […]

    Pingback by Quickpost: Revisting JA3 | Didier Stevens — Saturday 18 August 2018 @ 0:00

  88. […] Quickpost info […]

    Pingback by Quickpost: Compiling DLLs with MinGW on Windows | Didier Stevens — Tuesday 28 August 2018 @ 0:01

  89. […] Quickpost info […]

    Pingback by Quickpost: Compiling EXEs and Resources with MinGW on Kali | Didier Stevens — Monday 17 September 2018 @ 0:01

  90. […] Quickpost info […]

    Pingback by Quickpost: Signing Windows Executables on Kali | Didier Stevens — Monday 24 September 2018 @ 0:00

  91. […] Quickpost info […]

    Pingback by Quickpost: Compiling 32-bit Static ELF Files on Kali | Didier Stevens — Monday 19 November 2018 @ 0:00

  92. […] Quickpost info […]

    Pingback by Quickpost: Compiling with Build Tools for Visual Studio 2017 | Didier Stevens — Monday 26 November 2018 @ 0:01

  93. […] Quickpost info […]

    Pingback by Quickpost: PDF Tools Download Feature | Didier Stevens — Saturday 23 March 2019 @ 9:34

  94. […] Quickpost info […]

    Pingback by Quickpost: Browsers & Content-Disposition | Didier Stevens — Thursday 4 April 2019 @ 0:00

  95. […] of my first quickposts, more than 10 years ago, was an howto: using openssl to retrieve the certificate of a web […]

    Pingback by Quickpost: Retrieving an SSL Certificate with nmap | Didier Stevens — Sunday 19 May 2019 @ 8:28

  96. […] Quickpost info […]

    Pingback by Quickpost: C Random Functions in Other Languages | Didier Stevens — Tuesday 11 June 2019 @ 0:01

  97. […] Quickpost info […]

    Pingback by Quickpost: nslookup Types | Didier Stevens — Wednesday 3 July 2019 @ 0:00

  98. […] Quickpost info […]

    Pingback by Quickpost: tcp-honeypot.py & Browser Tests | Didier Stevens — Tuesday 30 July 2019 @ 0:00

  99. […] Quickpost info […]

    Pingback by Quickpost: ExifTool, OLE Files and FlashPix Files | Didier Stevens — Monday 21 October 2019 @ 0:00

  100. […] Quickpost info […]

    Pingback by Quickpost: Compiling Service DLLs with MinGW on Kali | Didier Stevens — Monday 28 October 2019 @ 7:36

  101. […] Quickpost info […]

    Pingback by Quickpost: Running a Service DLL | Didier Stevens — Tuesday 29 October 2019 @ 0:00

  102. […] Quickpost info […]

    Pingback by Quickpost: User-Agent: Microsoft Office Excel 2014 — Monday 23 March 2020 @ 20:54

  103. […] Quickpost info […]

    Pingback by Quickpost: curl — Sunday 12 July 2020 @ 1:09

  104. […] Quickpost info […]

    Pingback by Quickpost: dig On Windows | Didier Stevens — Friday 11 September 2020 @ 9:05

  105. […] Quickpost info […]

    Pingback by Quickpost: USB Passive Load — Monday 28 September 2020 @ 2:14

  106. […] Quickpost info […]

    Pingback by Quickpost: VMware OS Version Snapshots | Didier Stevens — Saturday 31 October 2020 @ 4:47

  107. […] Quickpost info […]

    Pingback by Quickpost: “ProxyLogon PoC” Capture File | Didier Stevens — Friday 12 March 2021 @ 21:35


RSS feed for comments on this post. TrackBack URI

Leave a Reply (comments are moderated)

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at WordPress.com.