I've recently created a new repository to track all the obfuscation techniques I've observed whilst tracking the infamous Log4j2 vulnerability (CVE-2021-44228). It can be found on my GitHub page at: https://github.com/mcb2Eexe/Log4j2-Obfucation Full details of this vulnerability can be found at: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228 as well as a PoC at: https://github.com/ka7ana/log4j-test Enjoy...
A quick script to allow for regular expression searching across large data sets. It utilises Python's multiprocessing to search large amounts of data in chunks and scales with the number of available CPU cores. Full details can be found on my GitHub: https://github.com/mcb2Eexe/superGrep
It's been a long time since I've had a chance to work on anything outside my day job, as I've been extremely busy, which has left my CTF without a walkthrough. I'm still extremely busy, so I thought it would be useful to share the answers and source code, which can be used as a reference … Continue reading [C] ZombieLand CTF Answers and Source Code
For anyone working with Snort, it's invaluable to have an environment in which to develop and test rules. This allows you to tune rules to be as effective as possible and can also be used to aid investigations in incident response situations. This latest blog is going to take you through how to set up a test lab … Continue reading [Py] Snort IDS Script
YARA is an advanced string searching tool designed to assist malware researchers in identifying malware samples. It's extremely versatile, allowing analysts to scan a variety of file types, both on disk and in memory, to quickly highlight pre-identified malicious indicators and classify the files. I've created a bash script to make it easier to scan … Continue reading [BSH] Quick Tip: YARA Scanning Files