MalwareAnalysis.co

Central Hub for Malware Analysis Resources


Forums and Blogs

Malware Analysis Forums

KernelMode (Archive)

Reddit

HackForums

0x00Sec

MalwareTips

Malware Analysis and Reverse Engineering Blogs

MalwareTech

Malware Traffic Analysis

Lenny Zeltser Blog

hasherezade’s 1001 nights

Vitali Kremez’s Blog

FireEye Blog

VirusBay Blog

CyberBit Blog

Cybereason Blog

Malware Must Die

Unit42 – Palo Alto

Lukas Stefanko Blog

Ghetto Forensics

Modexp

Hexacorn

Fumik0_’s box
