Blog posts

Sshimpanzee

Fri 24 March 2023

Sshimpanzee, a reverse SSH tool with encapsulation feature.

Post Exploitation
Read more

Cobalt Strike Investigation - Part 2

Thu 09 March 2023

This second part will focus on the 'jump' command in Cobalt Strike, used to establish a connection from a compromised system to the command and control (C2) server.

CSIRT
Read more

Cobalt Strike Investigation Part 1

Tue 20 September 2022

Cobalt Strike Investigation - Part 1

CSIRT
Read more

Obfuscated obfuscation

Mon 11 April 2022

This article is a step-by-step guide to reverse an APK protected with DexGuard using Jadx

Vulnerability
Read more

AvosLocker Ransomware Linux Version Analysis

Wed 02 March 2022

Avoslocker analysis

Malware
Read more

DanaBot Communications Update

Mon 20 September 2021

This short blog post is about the minor changes introduced in the version 1987 of DanaBot.

Malware
Read more

Dridex Loader Analysis

Tue 06 April 2021

This article is a deep dive into the Dridex Loader

Malware
Read more

Lockbit analysis

Fri 02 October 2020

This article is a deep dive into the IOCP and encryption process from LockBit in depth.

Malware
Read more