Malware News
The latest news about malware, DFIR, hacking, security issues, thoughts and ...

Partner channel: @cveNotify

For ads: https://telega.io/c/malwr
RetrievIR - PowerShell script to assist DFIR teams with the collection of live-system evidence
🗣 panscanner

Hey everyone, posting a new tool I've been working on to help blue-team operators capture evidence from live systems. Most operations are described in the readme; the most common use case is likely running RetrievIR.ps1 from an administrative prompt, e.g. 'retrievir.ps1 -tags sans_triage', which will capture most artifacts described in the KAPE SANS Triage package.

Please let me know if there are any questions/feedback! It is still a WIP but very much functional. I created this because I love KAPE, but the enterprise license sometimes holds me back from using it in certain situations. I am also working on the ingestion of tkape configuration files.
👤 panscanner


🎖 @malwr
A Deep Dive into Brute Ratel C4 payloads
🗣 CyberMasterV


🎖 @malwr
Sub7 source code released: old code, but it checks out
🗣 digicat

Fond memories 🥳
👤 castleinthesky86


🎖 @malwr