I recently started the Zero2Automated Advanced Malware Analysis Course created by @0verfl0w_ and @VK_Intel. So far I’ve found this to be an excellent course and I’m looking forward to completing the rest of it. I would highly recommend it to anyone looking to advance their skills in malware analysis or...
Antivirus and AMSI Evasion with Covenant
Reversing CTF - Flare-On 2019 Challenges
FireEye recently announced the 7th annual Flare-On Challenge! For those who are unaware, Flare-On is the Front Line Applied Research & Expertise (FLARE) team’s annual CTF-style challenge for all active and aspiring reverse engineers, malware analysts and security professionals. I first attempted Flare-On in 2019 and I’m looking forward to...
Catching Malware In Memory Part 1 - Detecting Process Injection
This post breaks down how to detect classic and reflective DLL injection on a live Windows host by enumerating running processes and their threads for signs of malicious code injection. I’ll be using code snippets from my tool GetInjectedThreads throughout this post to explain the detection process and including screenshots...
Hack The Box - Sniper
Sniper was a pretty fun machine that put an interesting spin on a couple of older attack techniques. Unlike some other machines that I’ve come across lately, its difficulty rating is pretty accurate. Overall, exploitation is fairly straightforward apart from a couple of interesting twists - for example having to...