For anyone working with Snort, it's invaluable to have an environment to develop and test rules. This allows you to tune rules to be as effective as possible and can also be used to aid investigations in incident response situations or for malware analysis. This latest blog is going to take you through how to … Continue reading [BSH] Snort Test Environment
Tag: #cyber
[RE] Zombieland CTF – Reverse Engineering for Beginners
I've been working on my programming recently to help improve my reverse engineering skills and I've just finished writing my first reverse engineering capture the flag. I've tried to make the assembly as clear and simple as possible, whilst still remaining challenging, to allow inexperienced REs to be able to step through and really get … Continue reading [RE] Zombieland CTF – Reverse Engineering for Beginners
[BSH] PCAP Email Extractor
This is just a quick post to share a technique I use to extract emails from trigger PCAPs. This can be achieved using tools like Network Miner etc., but I prefer the command line approach as it scales better, it's quicker and it can be built upon to add additional functionality as you go. The … Continue reading [BSH] PCAP Email Extractor