Some interesting stuff (blogs, articles, papers and useful resources) that I’ve read in Q3 2017.


Hardening Ubuntu. Systemd edition.

Resource: Pentesting Wiki

HTTPS Certificate Revocation is broken, and it’s time for some new tools

Add-In Opportunities for Office Persistence

Lessons From The History Of Attacks On Secure Hash Functions

Deep Dive into a Custom Malware Packer

NGINX and PHP Malware Used in Petya/Nyetya Ransomware Attack

Benchmarking TensorFlow on Cloud CPUs: Cheaper Deep Learning than Cloud GPUs

Analyzing Ethereum, Bitcoin, and 1200+ other Cryptocurrencies using PostgreSQL

Internet Of Things Mobility Forensics

[Memory Forensics] If memory doesn’t serve me right…

List of Free Python Resources

Honeypots Resources

Carving EVTX

Analyzing censorship of the death of Liu Xiaobo on WeChat and Weibo


Odatv: A Case Study in Digital Forensics and Sophisticated Evidence Tampering

Ten Process Injection Techniques: A Technical Survey Of Common And Trending Process Injection Techniques

CTI Reading List

Real-World Rubber Ducky Attacks with Empire Stagers

AntiForensics techniques : Process hiding in Kernel Mode

The purpose of ransomware

What Does It Really Take To Track A Million Cell Phones?

How Bitcoin transactions work

Deep Learning for NLP Best Practices

How to create a private Ethereum network

Metadata: a hacker’s best friend

How to Use Windows API Knowledge to Be a Better Defender

My Curated List of AI and Machine Learning Resources from Around the Web

Cracking the Lens: Targeting HTTP’s Hidden Attack-Surface

Intro to SDR and RF Signal Analysis

DLL injection – Inject All the Things


Links describing the leaked EQ Group tools for Windows

Hacktivists unmasked: Group-IB reveals the identity of alleged members of the Islamic hacker group United Islamic Cyber Force

A zebra in sheep’s clothing: How a Microsoft icon-display bug in Windows allows attackers to masquerade PE files with special icons

How does FTK Imager snapshot memory?

A Newbie’s Guide to ESXi and VM Log Files

Effects of HTTPS and SSL inspection on the client

Keyword Censorship in Chinese Mobile Games

Attacking Java Deserialization

Research on CMSTP.exe

Memory Acquisition and Virtual Secure Mode

A review of various U2F security keys

Steganography in contemporary cyberattacks

OPSEC for Activists

Some reminders about Windows file times

Post a boarding pass on Facebook, get your account stolen

WMI wiki for offense and defense

List Of High Profile Cryptocurrency Hacks So Far (August 24th 2017)

How to trace ransomware payments end-to-end

Analysis of End-to-End Encryption in LINE

North Korea’s Missile Program: Rocket Science

How Wi-Fi Works

All Security Guidelines and Checklists You’ll Ever Need


Using Google Custom Search Engines (CSEs) for OSINT

REMnux Usage Tips for Malware Analysis on Linux

Analyzing Malicious Documents Cheat Sheet

Development guide for Volatility Plugins

Flash Dumping – Part I

A collection of (mostly) technical things every software developer should know

New Security Measures in iOS 11 and Their Forensic Implications

Awesome AI Security: A curated list of AI security resources

A list of IDA Plugins

Use Windows Event Forwarding to help with intrusion detection

Windows Event Forwarding for Network Defense

That AI study which claims to guess whether you’re gay or straight is flawed and dangerous

How I Learned to Trust My Shell (Microsoft Powershell)

Beware of the Bashware: A New Method for Any Malware to Bypass Security Solutions

30 interesting commands for the Linux shell

Enlarge your botnet with: top D-Link routers

Tales of a Threat Hunter 1: Detecting Mimikatz & other Suspicious LSASS Access – Part 1

Demystifying Apple’s Touch ID

Face ID, Touch ID, No ID, PINs and Pragmatic Security

Hardening Apache Struts with SELinux

Speed, Thermal, and Performance Comparison of Fast Charge Standards

Browser Security White Paper comparing Chrome, Edge, and IE

By using SMTP command injection attackers can modify aspects of an email that is sent in the background

Tips for Troubleshooting Human Communications

A new kind of map: it’s about time

Designing Websites for iPhone X

Playing with APFS – Took a quick look at APFS and its current support by a few tools

An easy way to access the user’s iOS location data without actually having access

Borrowing Microsoft Code Signing Certificates

Ultimate AppLocker ByPass List: most common techniques to bypass AppLocker

HEIF Image Files Forensics

Equifax Breach – Early lessons learned and six point action plan

Equitablefax [Timeline]

My notes on Hacking BLE – list of resources

Intro to Analyze NFC Payment Methods & Contactless Cards

Evidence Aurora Operation – APT attack on CCleaner

Learn Blockchains by Building One

How does Ethereum work, anyway?

The easy way to analyze huge amounts of PCAP data

Android Stuff and Security Research

Robot hacking research

Reversing DirtyC0W

Javascript : The Curious Case of Null >= 0

Protecting Domain Hijacking

Understanding new APK Signature Scheme V2

How manipulates you

HTTP Strict Transport Security, the practical explanation

EternalBlue – Everything There Is To Know

Learning Python: From Zero to Hero

