A rather lengthy video to showcase my analysis techniques and thought processes when analysing malicious macros. In this case I review a Trickbot downloader which hides an interesting nuance if certain folders are present on the machine. Hopefully of use to those learning how to reverse engineer high-level code. Sample discussed: https://www.virustotal.com/#/file/1512b7e34006ff7b69c76601fcf554668a3378d31c77b44507960d46e3a7c02c/detection
Here I run through some behavioural analysis of Olympic Destroyer malware which steals local credentials, propagates around a network and renders victim machine
Here I demonstrate how to overcome a simple self-defence tactic that some malware samples commonly utilise to target their victims and prevent sandbox / VM anal
https://www.csiac.org/podcast/trickbot Cybercriminals have developed many methods to exploit browser applications in order to obtain individuals' credentials.
In this video we figure out how to do a popunder in Chrome version 59, by using a trick. Hopefully Chrome fixes this, because I resent this kind of advertisemen
I made so many mistakes when I started out at my first software development job from an efficiency/productivity perspective. In this video I try and cover those
In this video I explain how to copy or import VBA code to another workbook. This is great if you found code on the web, want to transfer code from one workbook
ConfuserEx Link - https://github.com/yck1509/ConfuserEx/releases Telerik Decompiler - http://www.telerik.com/products/decompiler.aspx ConfuserEx Anti-Decomp
Here I show how to extract an Emotet payload from a malicious office document. Feel free to leave suggestions for new videos in the comments.
"The Tech Lead" Patrick Shyu explains why he quit Google as a software engineer. Join me in my new coding interview training program here http://techinterviewp
Speaker: Sean "Frank^2" Taylor Security Engineer, Rapid7 Binary obfuscation is commonly applied in malware and by software vendors in order to frustrate the ef
Here I showcase how you can use an awesome tool from Kahu Security called CMD Watcher, which watches for when cmd.exe is invoked, suspends the process, extract
Here I demonstrate how a DLL Search Order Hijack bug in WhatsApp for Windows can be exploited by malware to remain persistent. It's a little tongue-in-cheek, bu
We analyze an Office maldoc sample that is suited for analysis with ViperMonkey, a free open-source VBA Emulator. More details on our blog: https://blog.nviso.b
With a bit of time on my hands, I decided to have a go at making a 3D engine using nothing but ASCII at the Windows Command Prompt. I was surprised how sophisti
Adylkuzz is a cryptominer malware sample which is being propagated via the EternalBlue exploit, popularised by the recent WannaCry Ransomware outbreak. Here I
In this video we discuss and demonstrate code obfuscation in C. What is code obfuscation and why would you use it? The intent with code obfuscation is to protec
Open Analysis Live! We unpack TrickBot and extract its configuration file using x64dbg and a Python script from the KevinTheHermit project. Expand for more...
https://media.ccc.de/v/34c3-8789-lets_break_modern_binary_code_obfuscation A semantics based approach Do you want to learn how modern binary code obfuscation
Download Link of Office Malware Scanner http://www.reconstructer.org/ ---------------- For Donations: Bitcoin: 3FWUstDpEnoYN4NiLH2HLChLDiVe48GBaM Ethereum: 0xF5