Here is an overview of content I published in July:
Blog posts:
- Update: base64dump.py Version 0.0.7
- Update: zipdump.py Version 0.0.9
- Update: pecheck.py Version 0.7.0
- Update: re-search.py Version 0.0.8
- I Will Follow (no, not talking about social media)
- Quickpost: mimikatz !bsod
- Video: mimikatz & !bsod
- Video: mimikatz & minesweeper
- Select Parent Process from VBA
- Update: zipdump.py Version 0.0.10
- Analyzing ClamAV Signatures
- Analyzing ClamAV Signatures – Correction
- ClamAV sigtool --decode-sigs
- Mimikatz Videos
- Beta: format-bytes.py
- Quickpost: Analyzing .ISO Files Containing Malware
- .ISO Files With Zone.Identifier
- Update: zipdump.py Version 0.0.11
- Update: oledump.py Version 0.0.28
- Update: emldump.py Version 0.0.10
- oledump.py *.vir
- Update: python-per-line.py Version 0.0.2
- New Tool: headtail.py
- The Clip Command
- The Paste Command
- Update: count.py Version 0.2.0
- Analyzing Password Dumps With My Tools – Part 1
- .ISO Files & autorun.inf
- Quickpost: Trying Out JA3
- Update: translate.py Version 2.5.0
YouTube videos:
- Ransomware: Very Simple IOC Extraction
- mimikatz & !bsod
- mimikatz & minesweeper
- Select Parent Process From VBA
- mimikatz & Protected Processes
- mimikatz RPC Mode
- mimikatz skeleton
- .ISO Files With Zone.Identifier
- .ISO Files & autorun.inf
Videoblog posts:
- Ransomware: Very Simple IOC Extraction
- .ISO Files & autorun.inf
- .ISO Files With Zone.Identifier
- mimikatz & !bsod
- mimikatz & minesweeper
- mimikatz & Protected Processes
- mimikatz RPC Mode
- mimikatz skeleton
- Select Parent Process From VBA
SANS ISC Diary entries: