AssemblyLine – Decompressing CaRT Files, Download Submission
All submissions in AssemblyLine are stored in CaRT encoded format. This guide will help in AssemblyLine – Decompressing CaRT Files and Download Submissions
Security
Canadian Agency AssemblyLine Performance Troubleshooting
When you get errors during submissions, performance issues, or under minimum requirements – you will need AssemblyLine performance Troubleshooting guide
GitHub Exfiltration Indicators – Threat Hunt, Monitor, Block
GitHub Exfiltration Indicators will help you in you Threat Hunting activities of exfiltration data from your organization or to monitor / block the platform
Basis Technology Autopsy Usage Guide – Analyzing Source
Basis Technology Autopsy Usage Guide will cover easy usage steps – you can fast start analyzing your data sources after you installed and configured Autopsy
Basis Technology Autopsy Ingestion Modules Configuration
After you had installed Autopsy you will need Autopsy Ingestion Modules Configuration to fully unleash the power of this application
Basis Technology Autopsy and Plugins Installation Guide
This guide will provide you Autopsy and plugins installation steps. Basis Technology Autopsy is a complex forensics system based on sleuthkit
SysInternals Sigcheck VirusTotal Offline Scan on a Computer
You can use SysInternals Sigcheck for VirusTotal Offline Scan on a computer that without internet access. Sigcheck can send more than 500 files a day to VT
Bulk File Hash Check with VirusTotal – Didier Stevens script
This guide will help you using Didier Stevens virustotal-search python script to bulk file hash check with VirusTotal using VT Public API key
Basis Technology Autopsy Export CSV, XLSX – Large Sheets
There are several issues with Basis Technology Autopsy to export CSV or XLSX, mainly for large data sets. Providing 3 ways to export sheets.
Space Jackal – The Proclamation Writeup – CS Adversary Hunt
CrowdStrike Adversary Hunt CTF 2021 (took place between 18.01 – 29.01) and this is our Space Jackal – The Proclamation Writeup (Bootloader Debug) only
Set TOR Exit Node – TOR Browser, Country Code, Specific Node
How to set TOR Exit Node in TOR Browser for specific Country using Country Codes or set specific Exit Node from any country and check the applied settings
Check Phishing Links – Enterprise Security Department Guide
How to Check Phishing Links in Enterprise before engaging takedown with registrar. Check if link is malicious and what to do if the content isn’t available
Check Suspicious Links for Legitimacy – Observation, Tools
How to Check Suspicious Links from emails or other sources for Legitimacy with Common Sense Observation and Online Tools (DNS, IP Reputation)
BIFF Command Viewer for Microsoft OLE Excel XLS – BiffView++
BIFF Command Viewer usage Guide – “BiffView++” shows the structure of older Microsoft Excel XLS file format (OLE structure / Compound File Binary container)
OfficeMalScanner – Microsoft Office Files Malware Scanner
Learn how to use OfficeMalScanner – Microsoft Office Malware Scanner (Word / Excel / PowerPoint) for Malicious Macros, PE. Including Usage examples and tips
ExcelSheetUnhide by OC – Reveal / Unhide Hidden Excel Sheets
Malicious Hidden Excel Spreadsheets went popular lately using Excel 4 Macros and our ExcelSheetUnhide Powershell script will Unhide Hidden Excel Sheets
Python Oletools Setup, Use – Microsoft Office File Analysis
This guide will help you setup python oletools by Decalage and show you some usage examples. Oletools are used to analyze types of Microsoft Office Files
Imphash usage in Malware Analysis – Categorizing Malware
Imphash usage can help you categorize Malware to a certain adversary or a Malware family. You will learn how to install and use imphash in Malware analysis
Extract VBA Macro from Microsoft Word and Excel – oledump
In this guide you will understand how to setup and use Didier Stevens oledump python tool to Extract VBA Macro from Microsoft Excel / Word / Office files
Counter Surveillance: Methodology, RF Detector, Thermal view
Use our Counter Surveillance tips even without equipment, but here you will find also how to use RF Detectors, Thermal Image Cameras; which models to choose
What is SvcHost – Cyber Security Threat Analysis Guide
Comprehensive guide on SvcHost internals. Cyber Security Threat Analysis: how to find what hides behind it and is it malicious or a legitimate process