Dnspy

Malware Unpacking With Memory Dumps - Intermediate Methods (Pe-Sieve, Process Hacker, Hxd and Pe-bear)

Demonstrating three additional methods for obtaining unpacked malware samples, using Process Hacker, PE-sieve, HxD and PE-bear.

Unpacking .NET Malware With Process Hacker and Dnspy

Unpacking an Asyncrat loader using Process Hacker and Dnspy

Developing Yara Rules With IL Bytecodes

How to develop YARA rules for .NET malware, utilising IL instructions and their associated bytecodes.

Introduction to DotNet Configuration Extraction - RevengeRAT

Introduction to .NET configuration extraction, leveraging RevengeRAT and Python.

Quasar Rat Analysis - Identification of 64 Quasar Servers Using Shodan and Censys

Extraction of Quasar C2 configuration via Dnspy, and using this information to pivot to additional servers utilising Shodan and Censys.

AgentTesla - Full Loader Analysis - Resolving API Hashes Using Conditional Breakpoints

Analysis of a Multi-Stage Loader for AgentTesla. Covering Ghidra, Dnspy, X32dbg, API Hashing and more!

Dcrat Deobfuscation - How to Manually Decode a 3-Stage .NET Malware

Manual analysis and deobfuscation of a .NET-based Dcrat, touching on custom Python scripts, CyberChef and .NET analysis with Dnspy.
