Below are a couple of Z2A course write-ups. I did these ages ago but never published anything. These are from 2021; They demonstrate the malware RE process all the way through. Screenshots are probably missing since I wrote this in 2021
Week 3
Dynamic analysis
So we get the following…
Quick blogpost to mostly share a usefull script.
The twitter infosec community recently made a lot of noise around a new dll injection technique dubbed "mockingjay" https://www.bleepingcomputer.com/news/security/new-mockingjay-process-injection-technique-evades-edr-detection/
In my opinion, this is just another one of those Redteam rediscovered techniques that has…
I blurred domain names for "attack victims" in this blog post, however because of the very nature of how HSTS pre-loading works, most affected websites can be infered pretty easily
Edit Note: Both attacks discussed below, while annoying are medium-low impact in my opinion but they are pretty…
Posting this here. Some of the write-ups are incomplete but I don't really have time to finish this draft. Hope you enjoy the content nevertheless.
Chall 1
In script.js:
const CORRECT_GUESS = 57;
let rightGuessString = WORDS[CORRECT_GUESS];
let flag = rightGuessString + '@flare-on.com';
In words.…
This is my write-up around a couple of Kringlecon22 challenges.
I wanted to use chatGPT as much as possible as an experiment for some of these challenges.
It's a pretty cool tool to add to your arsenal but it's far from perfect. If you don'…