MalPull is designed to download malware samples in bulk using a minimal amount of API calls from services that limit requests. Version 1.4-stable shakes things up, as the command-line interface is changed, a new service is added, dependencies are added, and other minor improvements are included. The program’s source code and precompiled Java Archive can …
BlackHat USA 2022 took place in Las Vegas’s Mandalay Bay Convention Center on the 10th and 11th of August. Whereas this is the usual location for BlackHat USA, it was my first time visiting this edition, although it wasn’t my first visit to Las Vegas. In this blog I will share my impression of the …
Malware Bazaar is one of the many services Abuse.ch freely provides to the public. It exposes quite some API endpoints that contain useful information. Before open-sourcing this API client, there was no publicly supported Java library. The code can be found on Github, along with the latest pre-built release. The API client’s main page, which …
Additions: Added a year in review for 2021-2022 to the miscellaneous chapter. To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, or DM me on Twitter @Libranalysis.
BlackHat Asia 2022 took place in Singapore’s Marina Bay Sands Expo & Convention Centre on the 12th and 13th of May. Whereas this is the usual location for BlackHat Asia, it was my first time visiting this edition, as well as my first visit to the country. In this blog I will share my impression …
Botconf 2022 took place in France’s Nantes for four days, starting from April the 26th. The first day consisted of workshops, followed by three days of talks. The previous edition, in 2020, was online, making 2019 the last in-person edition. In this blog I will share my impression of the conference, the friends I met, …
Additions: Added Ghidra script to handle stack strings to the analysis scripts chapter. To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, or DM me on Twitter @Libranalysis.
The main page for this API client can be found here. This release contains new features, and several bug fixes. One can find the library’s code here. The latest release of the precompiled JAR can be found here. Table of contents: New features, Bug fixes. New features: Since Hatching is continuously developing their sandbox (and …
Additions: Added Dumping WhisperGate’s wiper from an Eazfuscator obfuscated loader to the malware analysis chapter. Changes: Changed dnSpy to dnSpyEx in the Debugging Dot Net binaries article, since the original project is not actively developed anymore, whereas the fork is. To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, …
This update marks the fortieth to my Binary Analysis Course! The last update was on the 25th of July 2021, which is admittedly longer ago than I had hoped for. In the months between then and now, I reviewed every single article in the course. In the past, I had already reviewed some articles, which …