Didier Stevens

@DidierStevens

5-to-9 security researcher, Microsoft MVP, ISC Handler. Mostly IT security. & programming. & (hardware) hacking. & maldocs PDF/DOC. Avatar:

Belgium
Joined: October 2008

Media

  1. Jan 15

    For all of you out there in restricted corporate environments who need to test the processing of event log entries for CVE-2020-0601, I wrote some VBA code to generate this event.

  2. Jan 11
    Replying to
  3. Jan 11

    Just received an email from AWS without subject and the following body :-)

  4. Jan 4

    Today I noticed that 7-Zip (on Windows at least) creates ZIP files with an "extra field" in each central directory entry. That extra field contains "NTFS" metadata: MAC times. This is documented in section 4.5.5 here

  5. Dec 31, 2019

    Hacked together a tool to extract Nim programming language strings from a Windows executable. Example here for a 32-bit PE file, a Zebrocy downloader written in Nim. Will probably integrate this functionality in my strings.py tool.

  6. Dec 28, 2019

    Today I found a new, open source tool from Microsoft: etl2pcapng. "Utility that converts an .etl file containing a Windows network packet capture into .pcapng format." Forked it and added code to add a comment to each packet containing the process id (PID)

  7. Dec 28, 2019
  8. Dec 26, 2019

    Making progress updating my zipdump tool to help with analysis of "Double Loaded Zip File with Nanocore"

  9. Dec 25, 2019

    Updating my zipdump tool to help with analysis of "Double Loaded Zip File with Nanocore" as reported by

  10. Dec 25, 2019
  11. Dec 16, 2019
  12. Dec 16, 2019
  13. Dec 10, 2019
  14. Dec 8, 2019

    I just installed Python 2.0.1. Have to be ready for 2020! :-)

  15. Dec 3, 2019

    Jet bridge control panel at Zaventem Brussels airport: hello Windows XP Professional :-)

  16. Nov 30, 2019
  17. Nov 3, 2019

    Reading up on .WAV files, malware and stego, I started to wonder how to use my tools to extract malware from .WAV files. Added a new feature to operate on bit level.

  18. Oct 29, 2019
  19. Oct 28, 2019
  20. Oct 27, 2019
