Articles

11 DEC 2021

Tools Update

It's been a while, but I finally got to updating some of the tools I use frequently...

17 APR 2020

Another Way to Analyze XLM Macros

XLM macros have been making a comeback, so it's important to be able to analyze them. I wrote a proof-of-concept tool that provides insight into what it's doing...

1 FEB 2020

Emotet Stats

The Emotet gang's email lures, which take advantage of current news events, seem to be quite convincing and successful...

11 DEC 2019

Excel VBA Loads DLL into Itself

A security researcher, Mahendra K R, reached out to share a sample with me recently. The researcher was trying...

4 JUL 2019

Introducing PSUnveil

PSUnveil is a tool you can use to analyze obfuscated PowerShell scripts. Here's a look at the interface...

5 DEC 2018

CMD Watcher Updated to v0.3

I updated CMD Watcher to give you more flexibility in capturing scripts from Office maldocs...

10 NOV 2018

CMD Watcher Updated

I've gotten several pieces of good feedback regarding CMD Watcher, so I'm releasing a new...

7 NOV 2018

CMD Watcher and Maldocs

Having spent a good amount of time analyzing a variety of maldocs, I realized that...

2 NOV 2018

Reneo Updated

Reneo has been updated to version 0.2 and includes many new features...

24 JUN 2018

Introducing Reneo

Reneo is a Windows tool to help incident responders, forensics specialists, and...