https://forensicitguy.github.io/my-sans-dfir-netwars-experience/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/making-meterpreter-look-google-signed/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/adding-process-hiding-to-merlin/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/whitelisting-ld-preload-for-fun-and-no-profit/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/when-local-password-resets-arent-local/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/exploiting-yum-dnf-plugins-persistence/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/linux-edr-evasion-meterpreter-ld-preload/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/how-qbot-uses-esentutl/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/analyzing-empire-macos-pkg-stager/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/extracting-sfx-installer/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/rich-header-hashes-with-pefile/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/smarter-not-harder-malware-analysis/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/analyzing-log4shell-muhstik/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/analyzing-icedid-document/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/analyzing-magnitude-magniber-appx/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/a-tale-of-two-dropper-scripts/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/extracting-indicators-from-packed-mirai/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/adventures-in-yara-hashing-entropy/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/decoding-webshell-using-nodejs/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/powerpoint-macros-olevba/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/inspecting-powershell-cobalt-strike-beacon/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/analyzing-cactustorch-hta-cobaltstrike/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/emotet-excel4-macro-analysis/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/extracting-payloads-excel-dna-xlls/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/bazariso-analysis-advpack/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/hcrypt-injecting-bitrat-analysis/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/guloader-executing-shellcode-callbacks/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/strrat-attached-to-msi/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/njrat-installed-from-msi/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/agenttesla-rtf-dotnet-tradecraft/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/xloader-formbook-velvetsweatshop-spreadsheet/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/analyzing-stealer-msi-using-msitools/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/aggah-ppam-renamed-mshta/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/formbook-via-vbs-powershell-and-csharp/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/agenttesla-vba-certutil-download/ 2022-03-28T23:09:20+00:00 https://forensicitguy.github.io/snip3-crypter-dcrat-vbs/ 2022-04-16T00:00:00+00:00 https://forensicitguy.github.io/shortcut-to-emotet-ttp-change/ 2022-04-24T00:00:00+00:00 https://forensicitguy.github.io/analyzing-pirrit-adware-installer/ 2022-05-13T00:00:00+00:00 https://forensicitguy.github.io/analyzing-net-core-single-file-ducktail/ 2022-08-07T00:00:00+00:00 https://forensicitguy.github.io/pecheck-malware-weight-loss/ 2022-10-15T20:53:49+00:00 https://forensicitguy.github.io/malware-weight-loss-fast-foremost/ 2022-10-22T00:00:00+00:00 https://forensicitguy.github.io/net-downloader-originlogger/ 2023-01-07T00:00:00+00:00 https://forensicitguy.github.io/batloader-ursnif-redline-oh-my/ 2023-01-23T00:00:00+00:00 https://forensicitguy.github.io/netsupport-manager-malicious-installer/ 2023-02-25T00:00:00+00:00 https://forensicitguy.github.io/faster-malware-triage-yara/ 2023-07-14T23:02:12+00:00 https://forensicitguy.github.io/vhd-malware-an-excellent-choice/ 2023-07-25T21:24:42+00:00 https://forensicitguy.github.io/timelining-malware-vhd-intelligence/ 2023-08-04T00:00:00+00:00 https://forensicitguy.github.io/dissecting-java-pikabot-dropper/ 2024-03-03T00:00:00+00:00 https://forensicitguy.github.io/decompiling-jphp-loader-binwalk-cfr/ 2024-07-20T00:00:00+00:00 https://forensicitguy.github.io/exploring-venomrat-metadata-encryption-with-yara/ 2025-01-02T00:00:00+00:00 https://forensicitguy.github.io/squeezing-cobalt-strike-intel-from-shodan/ 2025-05-19T01:31:42+00:00 https://forensicitguy.github.io/categories/ 2025-08-27T01:33:01+00:00 https://forensicitguy.github.io/tags/ 2025-08-27T01:33:01+00:00 https://forensicitguy.github.io/archives/ 2025-08-27T01:33:01+00:00 https://forensicitguy.github.io/about/ 2025-08-27T01:33:01+00:00 https://forensicitguy.github.io/ https://forensicitguy.github.io/tags/sans/ https://forensicitguy.github.io/tags/dfir/ https://forensicitguy.github.io/tags/netwars/ https://forensicitguy.github.io/tags/meterpreter/ https://forensicitguy.github.io/tags/chrome/ https://forensicitguy.github.io/tags/msfvenom/ https://forensicitguy.github.io/tags/jar/ https://forensicitguy.github.io/tags/metasploit/ https://forensicitguy.github.io/tags/merlin/ https://forensicitguy.github.io/tags/ld-preload/ https://forensicitguy.github.io/tags/libprocesshider/ https://forensicitguy.github.io/tags/linux/ https://forensicitguy.github.io/tags/whitelisting/ https://forensicitguy.github.io/tags/unix/ https://forensicitguy.github.io/tags/ld-audit/ https://forensicitguy.github.io/tags/libpreloadvaccine/ https://forensicitguy.github.io/tags/windows/ https://forensicitguy.github.io/tags/active-directory/ https://forensicitguy.github.io/tags/domain-controllers/ https://forensicitguy.github.io/tags/accounts/ https://forensicitguy.github.io/tags/administrators/ https://forensicitguy.github.io/tags/dnf/ https://forensicitguy.github.io/tags/yum/ https://forensicitguy.github.io/tags/linux/ https://forensicitguy.github.io/tags/plugin/ https://forensicitguy.github.io/tags/persistence/ https://forensicitguy.github.io/tags/edr/ https://forensicitguy.github.io/tags/evasion/ https://forensicitguy.github.io/tags/qbot/ https://forensicitguy.github.io/tags/malware/ https://forensicitguy.github.io/tags/esentutil/ https://forensicitguy.github.io/tags/macos/ https://forensicitguy.github.io/tags/empire/ https://forensicitguy.github.io/tags/pkg/ https://forensicitguy.github.io/tags/7zip/ https://forensicitguy.github.io/tags/sfx/ https://forensicitguy.github.io/tags/self-extracting/ https://forensicitguy.github.io/tags/installers/ https://forensicitguy.github.io/tags/pefile/ https://forensicitguy.github.io/tags/pe/ https://forensicitguy.github.io/tags/rich/ https://forensicitguy.github.io/tags/header/ https://forensicitguy.github.io/tags/hash/ https://forensicitguy.github.io/tags/virustotal/ https://forensicitguy.github.io/tags/deobfuscation/ https://forensicitguy.github.io/tags/powershell/ https://forensicitguy.github.io/tags/net/ https://forensicitguy.github.io/tags/log4jshell/ https://forensicitguy.github.io/tags/java/ https://forensicitguy.github.io/tags/muhstik/ https://forensicitguy.github.io/tags/icedid/ https://forensicitguy.github.io/tags/msword/ https://forensicitguy.github.io/tags/mshta/ https://forensicitguy.github.io/tags/regsvr32/ https://forensicitguy.github.io/tags/magnitude/ https://forensicitguy.github.io/tags/magniber/ https://forensicitguy.github.io/tags/appx/ https://forensicitguy.github.io/tags/agenttesla/ https://forensicitguy.github.io/tags/javascript/ https://forensicitguy.github.io/tags/vbs/ https://forensicitguy.github.io/tags/mirai/ https://forensicitguy.github.io/tags/upx/ https://forensicitguy.github.io/tags/webshell/ https://forensicitguy.github.io/tags/nodejs/ https://forensicitguy.github.io/tags/powerpoint/ https://forensicitguy.github.io/tags/macros/ https://forensicitguy.github.io/tags/olevba/ https://forensicitguy.github.io/tags/cobalt-strike/ https://forensicitguy.github.io/tags/hta/ https://forensicitguy.github.io/tags/emotet/ https://forensicitguy.github.io/tags/excel4-macro/ https://forensicitguy.github.io/tags/xll/ https://forensicitguy.github.io/tags/excel-dna/ https://forensicitguy.github.io/tags/bazariso/ https://forensicitguy.github.io/tags/advpack/ https://forensicitguy.github.io/tags/hcrypt/ https://forensicitguy.github.io/tags/process-injection/ https://forensicitguy.github.io/tags/bitrat/ https://forensicitguy.github.io/tags/guloader/ https://forensicitguy.github.io/tags/shellcode/ https://forensicitguy.github.io/tags/callbacks/ https://forensicitguy.github.io/tags/strrat/ https://forensicitguy.github.io/tags/msi/ https://forensicitguy.github.io/tags/oledump/ https://forensicitguy.github.io/tags/njrat/ https://forensicitguy.github.io/tags/rtf/ https://forensicitguy.github.io/tags/equationeditor/ https://forensicitguy.github.io/tags/xloader/ https://forensicitguy.github.io/tags/formbook/ https://forensicitguy.github.io/tags/xlsx/ https://forensicitguy.github.io/tags/velvetsweatshop/ https://forensicitguy.github.io/tags/msitools/ https://forensicitguy.github.io/tags/stealer/ https://forensicitguy.github.io/tags/ppam/ https://forensicitguy.github.io/tags/macro/ https://forensicitguy.github.io/tags/aggah/ https://forensicitguy.github.io/tags/vbscript/ https://forensicitguy.github.io/tags/csharp/ https://forensicitguy.github.io/tags/certutil/ https://forensicitguy.github.io/tags/dcrat/ https://forensicitguy.github.io/tags/snip3/ https://forensicitguy.github.io/tags/lnk/ https://forensicitguy.github.io/tags/pirrit/ https://forensicitguy.github.io/tags/pkg/ https://forensicitguy.github.io/tags/postinstall/ https://forensicitguy.github.io/tags/ducktail/ https://forensicitguy.github.io/tags/net-core/ https://forensicitguy.github.io/tags/pecheck/ https://forensicitguy.github.io/tags/foremost/ https://forensicitguy.github.io/tags/originlogger/ https://forensicitguy.github.io/tags/iso/ https://forensicitguy.github.io/tags/batloader/ https://forensicitguy.github.io/tags/ursnif/ https://forensicitguy.github.io/tags/redline/ https://forensicitguy.github.io/tags/gpg/ https://forensicitguy.github.io/tags/msidump/ https://forensicitguy.github.io/tags/netsupport/ https://forensicitguy.github.io/tags/rar/ https://forensicitguy.github.io/tags/detectiteasy/ https://forensicitguy.github.io/tags/tools/ https://forensicitguy.github.io/tags/yara/ https://forensicitguy.github.io/tags/vhd/ https://forensicitguy.github.io/tags/plaso/ https://forensicitguy.github.io/tags/spreadsheets/ https://forensicitguy.github.io/tags/pikabot/ https://forensicitguy.github.io/tags/jphp/ https://forensicitguy.github.io/tags/binwalk/ https://forensicitguy.github.io/tags/d3fck/ https://forensicitguy.github.io/tags/venomrat/ https://forensicitguy.github.io/tags/threat-intelligence/ https://forensicitguy.github.io/tags/shodan/ https://forensicitguy.github.io/tags/cobaltstrike/ https://forensicitguy.github.io/categories/education/ https://forensicitguy.github.io/categories/security/ https://forensicitguy.github.io/categories/red-team/ https://forensicitguy.github.io/categories/linux/ https://forensicitguy.github.io/categories/blue-team/ https://forensicitguy.github.io/categories/windows/ https://forensicitguy.github.io/categories/linux/ https://forensicitguy.github.io/categories/malware/ https://forensicitguy.github.io/categories/tools/ https://forensicitguy.github.io/categories/yara/ https://forensicitguy.github.io/categories/hashing/ https://forensicitguy.github.io/categories/entropy/ https://forensicitguy.github.io/categories/malware/ https://forensicitguy.github.io/categories/threat-intelligence/ https://forensicitguy.github.io/page2/ https://forensicitguy.github.io/page3/ https://forensicitguy.github.io/page4/ https://forensicitguy.github.io/page5/ https://forensicitguy.github.io/page6/ https://forensicitguy.github.io/googlea91a102f7d513586.html 2025-08-27T01:32:56+00:00