DuckLogs - New Malware Strain Spotted In The Wild as part of a Malware as a Service - performs multiple malicious activities such as Stealer, Keylogger, Clipper, Remote access, etc.
๐ฃdigicat
๐@malwr
๐ฃdigicat
๐@malwr
Cyble
Cyble - DuckLogs - New Malware Strain Spotted In The Wild
Cyble analyzes DuckLogs - a new Malware-as-a-Service that provides sophisticated malware features to Threat Actors at a relatively low price.
kitabisa/teler release v2.0.0-dev
๐ฃdwisiswant0
Nice. So this kind of got me thinking why not just use suricata or Snort as an IPS since teler โjust detectsโ and basically my conclusion
Docker Compose:
Nginx (terminates HTTPS) -> Snort -> nginx-> PHP (in my case)
I mean technically youโd re-encrypt after snort and send it the rest of the way but in Docker I think itโs fine to send unencrypted from snort to Webserver (if not exposed)
๐คcoder_karl
๐@malwr
๐ฃdwisiswant0
Nice. So this kind of got me thinking why not just use suricata or Snort as an IPS since teler โjust detectsโ and basically my conclusion
Docker Compose:
Nginx (terminates HTTPS) -> Snort -> nginx-> PHP (in my case)
I mean technically youโd re-encrypt after snort and send it the rest of the way but in Docker I think itโs fine to send unencrypted from snort to Webserver (if not exposed)
๐คcoder_karl
๐@malwr
GitHub
GitHub - teler-sh/teler: Real-time HTTP Intrusion Detection
Real-time HTTP Intrusion Detection. Contribute to teler-sh/teler development by creating an account on GitHub.
Gepetto: IDA plugin which queries OpenAI's ChatGPT to explain decompiled functions
๐ฃdigicat
๐@malwr
๐ฃdigicat
๐@malwr
GitHub
GitHub - JusticeRage/Gepetto: IDA plugin which queries language models to speed up reverse-engineering
IDA plugin which queries language models to speed up reverse-engineering - JusticeRage/Gepetto
๐ฑ3
Noob here, tried adding via hash sets, but failed. Any idea on how to add in SHA1 values in the Metadata for Autopsy while viewing a outlook.pst file? I'm able to view the MD5 & SHA256 hash values of the file, however I'm unable to view the SHA1 value. Any advise would be greatly appreciated
๐ฃLMJR500Army
Looks like only MD5 and SHA256 are supported as of the last revision to hashdb. See here: https://github.com/sleuthkit/autopsy/issues/175
๐คpositronikal
๐@malwr
๐ฃLMJR500Army
Looks like only MD5 and SHA256 are supported as of the last revision to hashdb. See here: https://github.com/sleuthkit/autopsy/issues/175
๐คpositronikal
๐@malwr
Tracking and Analyzing Location Data
๐ฃgue-niiiii
Very nice implementation.
๐คpleiadeslink
๐@malwr
๐ฃgue-niiiii
Very nice implementation.
๐คpleiadeslink
๐@malwr
www.jakobmaier.at
Tracking and Analyzing My Location Data | Jakob Maier
How I tracking and analyze my location history safely and privacy conscious with Owntracks, Leaflet and a simple Express app.
WindowSpy: WindowSpy is a Cobalt Strike Beacon Object File meant for targetted user surveillance. The goal of this project was to trigger surveillance capabilities only on certain targets, e.g. browser login pages, confidential documents, VPN logins etc.
๐ฃdigicat
๐@malwr
๐ฃdigicat
๐@malwr
GitHub
GitHub - CodeXTF2/WindowSpy: WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.
WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance. - CodeXTF2/WindowSpy
Windows Defenderๅ
ๅญๆซๆๅ่ฝๅๆ - Analysis of Windows Defender memory scanning function - Chinese reverse engineering and analysis of how Defender memory scanning works
๐ฃdigicat
๐@malwr
๐ฃdigicat
๐@malwr
ๅพฎไฟกๅ
ฌไผๅนณๅฐ
Windows Defenderๅ
ๅญๆซๆๅ่ฝๅๆ
ๅฆไฝๅฎ็ฐDefenderๅ
ๅญๆซๆๅ่ฝ๏ผๅฆไฝๅฎไฝๅ
ๅญ็นๅพ็ ๅๅ
ๅญๆซๆ่งฆๅๆต็จ๏ผ