BlackHat USA 2023 took place on the 9th and 10th of August 2023 in the Mandalay Bay in Las Vegas. Consecutively, DEFCON 31 took place from the 10th through the 13th of August, in Caesars Forum, the LINQ, Harrah’s, and the Flamingo. After visiting BlackHat USA 2022 and DEFCON 30, I had some time to …
BlackHat Asia 2023 took place on the 11th and 12th of May 2023 in the Marina Bay Sands Expo in Singapore. This blog will cover my experience of the conference, including a comparison to last year, along with references to those whom I met along the way. The folks from ToolsWatch, NJ, Faisal, and Rachid, …
April was a busy month, in which I gave three talks on three topics. The first two talks were at Botconf: one regarding the RTM Locker, and one titled "A student’s guide to free and open-source enterprise level malware analysis tooling". My talk at the final edition of Hack In The Box Amsterdam dove into Golang malware …
This blog post is a rather short one, especially for my doing. This month, I moved digitally and physically. This blog migrated to another hosting provider, and I moved to a different city. Alas, this took up more time than I’d have liked (granted, I wanted it to take no time at all, so that …
Additions: added the API Hashing article to the malware snippets. To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, or DM me on Twitter @Libranalysis.
Additions: added the malware snippets chapter; added the self deletion article to the malware snippets.
BlackHat Europe 2022 took place on the 7th and 8th of December in London. This edition, I spoke about DotDumper. In this blog, I will talk about the briefings and the arsenal, meeting friends old and new, and the COVID measures taken. Table of contents: Briefings and the Arsenal; Meeting friends old and new; COVID …
BlackHat Middle-East and Africa (MEA in short) is the successor of last year’s unofficial (yet official) BlackHat edition called atHack. Just like atHack, the conference took place in Saudi Arabia’s Riyadh. I presented five talks on three different topics: a look back on the wipers of 2022, DotDumper, and my own Binary Analysis Course! The …
Yaraify is one of the many services Abuse.ch freely provides to the public. It exposes quite a few API endpoints that contain useful information. Before open-sourcing this API client, there was no publicly supported Java library. The code can be found on GitHub, along with the latest pre-built release. The API client’s main page, which contains …
MalPull is designed to download malware samples in bulk using a minimal amount of API calls from services that limit requests. Version 1.4-stable shakes things up, as the command-line interface is changed, a new service is added, dependencies are added, and other minor improvements are included. The program’s source code and precompiled Java Archive can …