neonprimetime security, just trying to help

Monday, November 2, 2020

Application Security Policies Ideas

 Application Security Policy ideas. A thread for my #infosec friends ... Make your policy applicable to all applications (internal, external...
Tuesday, October 6, 2020

70 IBM Qradar SIEM Tips!

https://twitter.com/neonprimetime/status/1313222901236142080 Hey for all you #infosec friends stuck with #ibm #qradar just like me, just rem...
Tuesday, September 15, 2020

How we use Agile Scrum for SIEM Detection Engineering and Threat Hunting

Thought I’d share a thread on how we use a form of #Agile Scrum to keep our #SIEM detection engineering and threat hunting organized. #bluet...
Tuesday, August 4, 2020

Agent Tesla , Doc => Powershell => C# => EXE => SMTP

https://app.any.run/tasks/27f1e600-b8fc-4c18-a6f0-b35799393cdc/ 88cd18b7fbe649bd756b3034525f34c3 function funcDecodeNetClassSourceCode {...
Friday, July 31, 2020

Ida Pro Python Save Dump Extract In Memory Unpacked Binary Bin

so i'm going to try in IDA hit SHIFT-F2, select python, type in this code  filename = AskFile(1, "*.bin", "Output fil...
Wednesday, July 29, 2020

further into the emotet 1st level packer

emotet mfc https://app.any.run/tasks/585ddd5e-0dde-421f-8b8a-e7dbaf4f8c05/ 3F32E053657036D09C84D6DAD220EF50 my random notes on where i g...
Tuesday, July 28, 2020

emotet mfc using CreateDlgIndirect lpDialogFunc call-back

emotet mfc starting point notes, trying to figure out where the malicious code starts https://app.any.run/tasks/585ddd5e-0dde-421f-8b8a-e7d...