Things that i forget
Introduction This is post will host things that i usually write from scratch every time i need them. POWERSHELL Read sysmon logs Get-winevent...
Posts by Tag
- Frida 6
- android 6
- reverse 5
- engineering 5
- Threat 5
- hunting 5
- sysmon 5
- Threat-hunting 5
- windows 5
- logs 5
- ELK 5
- reverse engineering 1
- Jekyll 1
- update 1
- ARM64 1
- REV 1
- CTF 1
- EGCTF 1
Frida
Frida hooking android part 5: Bypassing AES encryption
Introduction In this post we will hook Java’s Crypto library using frida to acquire the data in clear text and the decryption/encryption keys from an androi...
Frida hooking android part 4
Introduction In this post we will not use console.log to print data, we will send the data from the JS code to the python code for more processing, and then...
Frida hooking android part 3
Introduction In the previous post, We were able to call function secret as soon as we attach our JS script into the target application process,in this tutor...
Frida hooking android part 2
Introduction In the previous post, i showed you how to intercept function calls ,log and modify the arguments, we will repeat this again in this post but wi...
Frida hooking android part 1
Introduction In this post and the next few posts we will talk about Frida the Dynamic Binary Instrumentation tool, I will show you some examples that highli...
android
Things that i forget
Introduction This is post will host things that i usually write from scratch every time i need them. POWERSHELL Read sysmon logs Get-winevent...
Frida hooking android part 5: Bypassing AES encryption
Introduction In this post we will hook Java’s Crypto library using frida to acquire the data in clear text and the decryption/encryption keys from an androi...
Frida hooking android part 4
Introduction In this post we will not use console.log to print data, we will send the data from the JS code to the python code for more processing, and then...
Frida hooking android part 3
Introduction In the previous post, We were able to call function secret as soon as we attach our JS script into the target application process,in this tutor...
Frida hooking android part 2
Introduction In the previous post, i showed you how to intercept function calls ,log and modify the arguments, we will repeat this again in this post but wi...
Frida hooking android part 1
Introduction In this post and the next few posts we will talk about Frida the Dynamic Binary Instrumentation tool, I will show you some examples that highli...
reverse
Things that i forget
Introduction This is post will host things that i usually write from scratch every time i need them. POWERSHELL Read sysmon logs Get-winevent...
Frida hooking android part 5: Bypassing AES encryption
Introduction In this post we will hook Java’s Crypto library using frida to acquire the data in clear text and the decryption/encryption keys from an androi...
Frida hooking android part 4
Introduction In this post we will not use console.log to print data, we will send the data from the JS code to the python code for more processing, and then...
Frida hooking android part 3
Introduction In the previous post, We were able to call function secret as soon as we attach our JS script into the target application process,in this tutor...
Frida hooking android part 2
Introduction In the previous post, i showed you how to intercept function calls ,log and modify the arguments, we will repeat this again in this post but wi...
engineering
Things that i forget
Introduction This is post will host things that i usually write from scratch every time i need them. POWERSHELL Read sysmon logs Get-winevent...
Frida hooking android part 5: Bypassing AES encryption
Introduction In this post we will hook Java’s Crypto library using frida to acquire the data in clear text and the decryption/encryption keys from an androi...
Frida hooking android part 4
Introduction In this post we will not use console.log to print data, we will send the data from the JS code to the python code for more processing, and then...
Frida hooking android part 3
Introduction In the previous post, We were able to call function secret as soon as we attach our JS script into the target application process,in this tutor...
Frida hooking android part 2
Introduction In the previous post, i showed you how to intercept function calls ,log and modify the arguments, we will repeat this again in this post but wi...
Threat
Threat Hunting with sysmon 101 part 4: Loading events in pandas dataframe
In the past article, we used powershell scripting to filter the events and perform basic querying, in this article we will load sysmon logs into python, and ...
Threat Hunting with sysmon 101 part 3: Command line investigation
In this article, we’ll look at Mitre technique T1059.001 Command and Scripting Interpreter: PowerShell. We will download and execute a batch file T1105: Ingr...
Threat Hunting with sysmon 101
Introduction I will begin a new series of blog posts where I engage in threat hunting using sysmon logs. Throughout the process, I will utilize free tools a...
hunting
Threat Hunting with sysmon 101 part 4: Loading events in pandas dataframe
In the past article, we used powershell scripting to filter the events and perform basic querying, in this article we will load sysmon logs into python, and ...
Threat Hunting with sysmon 101 part 3: Command line investigation
In this article, we’ll look at Mitre technique T1059.001 Command and Scripting Interpreter: PowerShell. We will download and execute a batch file T1105: Ingr...
Threat Hunting with sysmon 101
Introduction I will begin a new series of blog posts where I engage in threat hunting using sysmon logs. Throughout the process, I will utilize free tools a...
sysmon
Threat Hunting with sysmon 101 part 4: Loading events in pandas dataframe
In the past article, we used powershell scripting to filter the events and perform basic querying, in this article we will load sysmon logs into python, and ...
Threat Hunting with sysmon 101 part 3: Command line investigation
In this article, we’ll look at Mitre technique T1059.001 Command and Scripting Interpreter: PowerShell. We will download and execute a batch file T1105: Ingr...
Threat Hunting with sysmon 101
Introduction I will begin a new series of blog posts where I engage in threat hunting using sysmon logs. Throughout the process, I will utilize free tools a...
Threat-hunting
Threat Hunting with sysmon 101 part 4: Loading events in pandas dataframe
In the past article, we used powershell scripting to filter the events and perform basic querying, in this article we will load sysmon logs into python, and ...
Threat Hunting with sysmon 101 part 3: Command line investigation
In this article, we’ll look at Mitre technique T1059.001 Command and Scripting Interpreter: PowerShell. We will download and execute a batch file T1105: Ingr...
Threat Hunting with sysmon 101
Introduction I will begin a new series of blog posts where I engage in threat hunting using sysmon logs. Throughout the process, I will utilize free tools a...
windows
Threat Hunting with sysmon 101 part 4: Loading events in pandas dataframe
In the past article, we used powershell scripting to filter the events and perform basic querying, in this article we will load sysmon logs into python, and ...
Threat Hunting with sysmon 101 part 3: Command line investigation
In this article, we’ll look at Mitre technique T1059.001 Command and Scripting Interpreter: PowerShell. We will download and execute a batch file T1105: Ingr...
Threat Hunting with sysmon 101
Introduction I will begin a new series of blog posts where I engage in threat hunting using sysmon logs. Throughout the process, I will utilize free tools a...
logs
Threat Hunting with sysmon 101 part 4: Loading events in pandas dataframe
In the past article, we used powershell scripting to filter the events and perform basic querying, in this article we will load sysmon logs into python, and ...
Threat Hunting with sysmon 101 part 3: Command line investigation
In this article, we’ll look at Mitre technique T1059.001 Command and Scripting Interpreter: PowerShell. We will download and execute a batch file T1105: Ingr...
Threat Hunting with sysmon 101
Introduction I will begin a new series of blog posts where I engage in threat hunting using sysmon logs. Throughout the process, I will utilize free tools a...
ELK
Threat Hunting with sysmon 101 part 4: Loading events in pandas dataframe
In the past article, we used powershell scripting to filter the events and perform basic querying, in this article we will load sysmon logs into python, and ...
Threat Hunting with sysmon 101 part 3: Command line investigation
In this article, we’ll look at Mitre technique T1059.001 Command and Scripting Interpreter: PowerShell. We will download and execute a batch file T1105: Ingr...
Threat Hunting with sysmon 101
Introduction I will begin a new series of blog posts where I engage in threat hunting using sysmon logs. Throughout the process, I will utilize free tools a...
reverse engineering
Frida hooking android part 1
Introduction In this post and the next few posts we will talk about Frida the Dynamic Binary Instrumentation tool, I will show you some examples that highli...
Jekyll
Welcome to Jekyll!
You’ll find this post in your _posts directory. Go ahead and edit it and re-build the site to see your changes. You can rebuild the site in many different wa...
update
Welcome to Jekyll!
You’ll find this post in your _posts directory. Go ahead and edit it and re-build the site to see your changes. You can rebuild the site in many different wa...
ARM64
EG-CTF 2019 ‘DGA’ challenge writeup
Introduction EG-CTF 2019 was held on 15-Nov-2019, most of the challenges were written by people working at EG-CERT, this challenge is not one of those chal...
REV
EG-CTF 2019 ‘DGA’ challenge writeup
Introduction EG-CTF 2019 was held on 15-Nov-2019, most of the challenges were written by people working at EG-CERT, this challenge is not one of those chal...
CTF
EG-CTF 2019 ‘DGA’ challenge writeup
Introduction EG-CTF 2019 was held on 15-Nov-2019, most of the challenges were written by people working at EG-CERT, this challenge is not one of those chal...
EGCTF
EG-CTF 2019 ‘DGA’ challenge writeup
Introduction EG-CTF 2019 was held on 15-Nov-2019, most of the challenges were written by people working at EG-CERT, this challenge is not one of those chal...