Cisco Cyber Security Expo CTF

On the 16th of January 2018, I participated in the CTF of Cisco at DeFabrique in Utrecht. The duration of the CTF was from 10:00 until 15:45, nearly 6 hours. After solving quite some challenges, I managed to secure the second place and won a Raspberry Pi 3 and a couple of Ikea Smart Lamps. …

34c3 Lightning Talk

This year during the 34c3 Congress, I held a lightning talk about Capricorn. During this presentation I asked for suggestions, feedback and possible collaboration. I’m glad to announce that this talk has sparked the interest of multiple people at the congress, but also via e-mail and Telegram afterwards. The conversations that I’ve had afterwards were …

Android Malware Decryption Analysis

This is the first Malware Analysis I’ve posted, more will follow in the future. The malware has two layers of encryption which I’ve decrypted and analysed. In the report is a link to my Github repository for an automated decryption tool. The report can be downloaded here.

Capricorn: the header update

Malware is always changing and evolving, and so should anti-malware solutions. Because of the nature of the anti-malware solutions, they’re always ‘defending’ a system: only after the user downloads or executes something, the solution interacts with the newly created file or process. Based on sample analysis, new mitigation techniques are created and deployed. Ideally, one …

Two new whitepapers added

Today, I’ve released my first two whitepapers. Both of them are about malware. A brief summary is provided for each paper, as well as a link to download them. Understanding Malware: Malware is complex and relatively undocumented, since there is no profit to be made by documenting everything as if it were a software project. …

Absence

The last couple of months have not been filled with my absence, whereas it did look like that. In the time that I did not post anything, I have been working on multiple projects. These projects will be posted here once finished. The products are finished, I only have to add the extra Javadoc for …

How to use Capricorn

Set-up: To install Capricorn, one must have the Java Runtime Environment installed. Executing the JAR file should be done using a terminal such as bash (on Linux) or via Command Prompt/PowerShell (on Windows). Mac OS X is not supported, although this is considered for future releases. Simply executing the JAR will provide you with a …

Avoiding a ransomware outbreak with Capricorn

For those who missed my initial blogpost about Capricorn, I’ll give a short recap about the program’s functionalities. Capricorn creates folders and files on the computer. These files are monitored and a change to any of the files will trigger Capricorn to commence shutdown, regardless of the open files on the computer. These folders …

Seniorweb Lecture

On the 18th of May, I gave a lecture for the volunteers of Seniorweb regarding security awareness. The two groups who attended the lecture posed interesting questions about security. The biggest challenge for me during these two lectures was to keep the explanation simple. Analysing malware is a specialist’s job, one which I’m being educated …

Capricorn’s First Stable Release

Today marks the day of the first stable release of Capricorn. After brainstorming about it for a couple of weeks, I gave the program a complete overhaul in a three-day programming streak. The layout of the application has changed quite drastically, which paved the way for multiple functions I wanted to implement a while …