For the new pagedout online magazine I wrote an article, where I upgraded a challenge from last years Google CTF. In this video four well known youtuber try capture the flag and race against each other for fame and victory.

Racers:
MurmusCTF: https://ww…

GO binaries are weird, or at least, that is where this all started out. While delving into some Linux malware named Rex, I came to the realization that I might need to understand more than I wanted to

RPISEC ran a capture the flag called Hack the Vote 2016 that was themed after the election. In the competition was "The Wall" challenge by...

Java archive "jar" contains multiple exploits but also has an encrypted malware payload.

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware. - mandiant/flare-floss

In this article we will try to explain the terms packer, crypter, and protector in the context of how they are used in malware.

Native Java bytecode debugging without source code explained on the CrowdStrike blog, click to learn more & read other top cybersecurity news!

What is the good Java debugger for .class files, if no source code available? jdb is seems pretty weak :(
I don't need to decompile .class, but I want to debug bytecode.

My random thoughts about programming, malwares and other cool tech related stuff.

The Malware Analyst's Cookbook is a great book. In it the authors talked about an interesting technique they called 'process hollowing'. When I read about it, I was intrigued and played around a bit with the examples from the book....

This technical blog digs into BokBot's core module and shows how BokBot infections have become more prevalent due to Emotet campaigns that leverage BokBot as a means to go after a victim’s personal banking information.

Materials available at https://samsclass.info/126/PMA.shtml
DEFCON25 Practical Malware Analysis CTF Workshop offered exclusively for Women in Infosec!
Learn how to analyze malware, including computer viruses,
Trojans, and rootkits, using disassemblers, debuggers…

Creating a custom command and control (C&C) server for someone else's malware has a myriad of benefits. If you can take over it a domain, you then may able to fully hijack other hackers' infected hosts. A more prosaic benefit is expediting analysis. While…