Hunting with YARA rules and ClamAV
Didier Stevens has published a post about using ClamAV with YARA rules for hunting on the NVISO Labs blog. He notes that on…
SSMA is a simple malware analyzer written in Python 3. The tool has the following features: Analyze PE file’s header a…
Byte Atlas has published an interesting post on how to create and configure a Windows 7 x64 virtual machine in VirtualBox for …
Stephanie Archibald from Cylance has written an article about the execution of multi-stage payloads on Mac OS X (up to Sierr…
bootcode_parser.py is a Python script designed to perform a quick offline analysis of the boot records used by BIOS based sy…
In this article, we are dealing with the main principles of the detection and analysis of the Android operating system malwa…
Noriben is a Python-based script by Brian Baskin that works in conjunction with Sysinternals Procmon to automatically c…
So you think you might have a compromised Windows system. If you do, where do you start? How would you review the memory of …
Dynamic-analysis techniques have become the linchpins of modern malware analysis. However, software-based methods have been …
Here is Andrew Case's presentation on memory forensics of Linux and Mac systems from Enfuse 2016. …