[SANS ISC] Using API’s to Track Attackers

I published the following diary on isc.sans.edu: “Using API’s to Track Attackers”:

For a few days, I’ve been keeping an eye on suspicious Python code posted on VT. We all know that VBA, JavaScript, PowerShell, etc. are attackers’ best friends, but Python is also a good candidate to perform malicious activities on a computer. Even if Python isn’t installed by default, it’s easy to “compile” a Python script to make it portable via a PE file. There exist multiple tools to achieve this, my favorite being ‘pyinstaller’… [Read more]

Keeping an eye on suspicious Python code

The post [SANS ISC] Using API’s to Track Attackers appeared first on /dev/random.

Article Link: https://blog.rootshell.be/2020/08/18/sans-isc-using-apis-to-track-attackers/