Content Paint
Search
Sign in

Author Info

Full Name

Matthew

Location

Melbourne, Australia

Matthew's Work

42 Posts
Reverse Engineering  | Dec 05, 2023
Ghidra Basics - Identifying, Decoding and Fixing Encrypted Strings
Ghidra Basics - Identifying, Decoding and Fixing Encrypted Strings

Manual identification, decryption and fixing of encrypted strings using Ghidra and x32dbg.

Threat Intelligence  | Nov 30, 2023
Advanced Threat Intel Queries - Catching 83 Qakbot Servers with Regex, Censys and TLS Certificates
Advanced Threat Intel Queries - Catching 83 Qakbot Servers with Regex, Censys and TLS Certificates

Catching 83 Qakbot Servers using Regular Expressions.

Threat Intelligence  | Nov 27, 2023
Building Advanced Threat Intel Queries Utilising Regex and TLS Certificates - (BianLian)
Building Advanced Threat Intel Queries Utilising Regex and TLS Certificates - (BianLian)

Creating Regex Signatures on TLS Certificates with Censys.

Reverse Engineering  | Nov 26, 2023
Ghidra Basics - Pivoting From Imported Funtions
Ghidra Basics - Pivoting From Imported Funtions

Leveraging Ghidra to establish context and intent behind imported functions.

Threat Intelligence  | Nov 26, 2023
Identifying Suspected PrivateLoader Servers with Censys
Identifying Suspected PrivateLoader Servers with Censys

Refining Queries and Identifying Suspicious servers using Censys.

Reverse Engineering  | Nov 24, 2023
Ghidra Basics - Pivoting from String Cross References
Ghidra Basics - Pivoting from String Cross References

Leveraging Ghidra to establish context and intent behind suspicious strings.

Reverse Engineering  | Nov 24, 2023
Ghidra Basics - Manual Shellcode Decryption
Ghidra Basics - Manual Shellcode Decryption

Manually Reversing a decryption function using Ghidra, ChatGPT and CyberChef.

Threat Intelligence  | Nov 22, 2023
Practical Queries for Malware Infrastructure - Part 3 (Advanced Examples)
Practical Queries for Malware Infrastructure - Part 3 (Advanced Examples)

More interesting and practical queries for identifying malware infrastructure.

Threat Intelligence  | Nov 19, 2023
Combining Pivot Points to Identify Malware Infrastructure - Redline, Smokeloader and Cobalt Strike
Combining Pivot Points to Identify Malware Infrastructure - Redline, Smokeloader and Cobalt Strike

Identifying Malware infrastructure by combining weak pivot points.

Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.