Overview of Content Published In March

Here is an overview of content I published in March:

Blog posts:

• Practice ntds.dit File Part 9: Extracting Password History Hashes
• Update: re-search.py Version 0.0.3
• New Tool: sets.py
• Update: cut-bytes.py Version 0.0.5
• Update: oledump.py Version 0.0.27
• That Is Not My Child Process!

YouTube videos:

• sets.py
• Maldoc Deobfuscation: Character Removal
• Maldoc Deobfuscation: Plugin sub-str
• cut-bytes.py & Here Documents
• oledump & YARA

Videoblog posts:

• sets.py
• Maldoc Deobfuscation: Character Removal
• cut-bytes.py & Here Documents

SANS ISC Diary entries:

• Another example of maldoc string obfuscation, with extra bonus: UAC bypass

NVISO Labs blog posts:

• Developing complex Suricata rules with Lua – part 1
• Developing complex Suricata rules with Lua – part 2
• New Hancitor maldocs keep on coming…

Article Link: https://blog.didierstevens.com/2017/04/04/overview-of-content-published-in-march-2/