Category: Coding


Foremost Automator Script

by Destruct_Icon
Categories: Analysis, Coding, Host Forensics, Python

Foremost Automator Script A small project that we were working on involved using Foremost as an automated triage tool to run in the background while we were performing other analysis during incidents. The Foremost Automator Script was birthed from this project. If you are not familiar with Foremost, please check out our previous post at[…]


Deobfuscating JavaScript and Shellcode: Debugging + Dedicated Tools – Part 1/2

Welcome to Part I of a two-part series on JavaScript and shellcode deobfuscation! In this first video, I explore a few different methods by which one can deobfuscate JavaScript. I cover using a browser-based debugger along with various Windows and Linux tools to decode scripts. We explore deobfuscating JavaScript in a real-world environment using readily-available[…]


autobreak-api PyCommand – Automatic Breakpoint Lovin’!

Autobreak-api is an Immunity Debugger PyCommand (Python script) that parses a Windows Portable Executable (PE) to automatically set breakpoints on all imported functions. My goal in writing this script was to ease malware analysis by providing a method to triage specimens quickly. For more information, please see the on GitHub. The script along with[…]


NTUSER, SOFTWARE or SYSTEM Hive Registry Parser

Registry Parser There have been times where I would like to parse through an NTUSER, SYSTEM or SOFTWARE hive and pull back just the keys and subkeys that have been modified between a certain date (which is one of the arguments for the below Python script). Thanks to William Ballenthin for showing how this is[…]


User Input Sanitization – A Triple-Pronged Approach

by 8bits0fbr@in
Categories: Coding, Java, JavaScript, PHP

User Input Sanitization User input filtering, a.k.a. input sanitization, is one of the most important concepts within the security realm. Improper handling of user input can lead to numerous vulnerabilities, including buffer overflows, SQL injection, command injection, format string attacks, etc. Sadly, developers often overlook the importance of this practice. While this concept extends to[…]


XOR Script (Skips NULL bytes “00”)

by InterDimensional_Shambler
Categories: Analysis, Coding, Malware Reverse Engineering, Python

[Description of XOR Script] Updated January 2014 Hello! I’ve made a script (in Python) that can take an XORed file or string and will XOR it with a user-defined XOR key (single-byte or multi-byte). The reason for this is that there is XORed malware out there that is scripted to apply an XOR in various[…]


Java Basics and Tutorials – Links

by Destruct_Icon
Categories: Coding, Java

Java Basics and Tutorials Finished up some database fundamentals, and next is Java goodness. I’m going to post a few links for Java basics and tutorials. When I get some spare time, I will also add some code snippets which will give a basic understanding of things like arrays and simple math. I found that[…]
