Tag: Python


Honey the kids hacked us! – Part 1

by nanoSpl0it
Categories: Coding, Python

Honey, the kids hacked us! There are many different questions that go through your head or discussions you might have when you first become a parent. Here are a few of the questions and discussions that I was a part of. 1) Organic or non-organic? 2) Cloth diapers or disposable? 3) Breast milk or formula? 4)[…]


Importing Python Scripts: Clobbering sys.argv

by 8bits0fbr@in
Categories: Coding, Python

Often, we find the need to import a non-class based Python module into our own modules. Sure, many proper Python packages exist that we can use to do our dirty work (, but what about when we run into a random script that simply uses its own main() and various functions to get the job[…]


Foremost Automator Script

by Destruct_Icon
Categories: Analysis, Coding, Host Forensics, Python

A small project that we were working on involved using Foremost as an automated triage tool to run in the background as we were performing other analysis during incidents. The Foremost Automator Script was birthed from this project. If you are not familiar with Foremost, please check out our previous post at[…]


autobreak-api PyCommand – Automatic Breakpoint Lovin’!

Autobreak-api is an Immunity Debugger PyCommand (Python script) that parses a Windows Portable Executable (PE) to automatically set breakpoints on all imported functions. My goal in writing this script was to ease malware analysis by providing a method to triage specimens quickly. For more information, please see the on GitHub. The script along with[…]


XOR Script (Skips NULL bytes “00”)

by InterDimensional_Shambler
Categories: Analysis, Coding, Malware Reverse Engineering, Python

[Description of XOR Script] Updated January 2014. Hello! I’ve made a script (in Python) that can take an XORed (file or string) and will XOR it with a user-defined XOR Key (single-byte or multi-byte). The reason for this is because there is XORed malware out there that is scripted to apply an XOR in various[…]
