At least once a year I try to publish my work process for a Capture The Flag (CTF) event. If you’re not familiar with CTFs, they’re a timed challenge of very difficult or obscure challenges to gain a “flag” to submit for points. Some enjoy these, some feel them a waste of time. At the …
Today we bring you a special guest posting by Tony “@captcook32” Cook. Late last year GrrCon hosted their anticipatory excellent set of challenges which included an in depth memory forensics challenge by Wyatt Roersma. Tony and myself took a few days on a down week to try our hand at the challenge. I lacked the …
The topic of web-based advertising is always a hot topic for discussion, debate, and outright argument. One realizes that the Internet in which we’ve grown accustomed to is reliant on ads; after all, Google is an advertisement company. In the recent past we’ve seen articles on malvertising targeted using Skype and more recently using the New York …
Happy New Years! As part of the new year, let’s make an effort to make your defensive posture better, especially through quicker and more effective malware analysis! A few years ago I created a sample malware analysis sandbox script to use for the analysis and reverse engineering that I performed on a daily basis. Let’s …