csgaee @csgaee - Twitter Profile

Pinned Tweet

over 4 years ago

analysis of #parallax Loader, in this blogpost I've tried to dissect implemented techniques that make it very obfuscated malware 📈 https://t.co/Ugp5gNuvzs #malware #reverseengineering

csgaee's tweet photo. analysis of #parallax Loader, in this blogpost I've tried to dissect implemented techniques that make it very obfuscated malware 📈

https://t.co/Ugp5gNuvzs

#malware #reverseengineering https://t.co/ZPQIXZxaw7

0

5

1

3

0

csgaee retweeted

R136a1

@TheEnergyStory

about 1 month ago

Have you noticed that those deep-dive stories about complex Windows malware have pretty much vanished, especially in recent years? It feels like the era of "blockbuster" Windows malware has just gone silent, and this blog post tries to give some answers why. https://t.co/sFsf3uPm5o

20

596

132

442

83K

csgaee retweeted

Back Engineering Labs

@BackEngineerLab

about 1 year ago

Given the recent events with VMPSoft DMCA'ing educational YouTube videos demonstrating how to unpack malware protected with VMProtect, we have decided to release a free to use unpacker which works for all versions of VMP 3.x including the most recent version. Simply sign up/login here: https://t.co/7xp43sCIwv and then click on "Unpacker" on the top right corner. For context: https://t.co/8z6V6232YN https://t.co/kHm3O764FL https://t.co/T9EyF53FEV

14

615

130

273

83K

csgaee retweeted

Gynvael Coldwind @gynvael

about 1 year ago

Paged Out! #6 is out! https://t.co/8GiM1IwmHD Totally free, 80 pages, best issue so far! 'nuff said, enjoy! (please RT to help spread out the news!)

gynvael's tweet photo. Paged Out! #6 is out!
https://t.co/8GiM1IwmHD
Totally free, 80 pages, best issue so far!
'nuff said, enjoy!

(please RT to help spread out the news!) https://t.co/U1dazgQVvR

1

220

103

62

29K

Who to follow

Aziz Farghly ⚡

@FarghlyMal

Threat Researcher @nextronsystems (The thoughts and content I share are personal and not representative of my employer.)

Abdallah Elshinbary

@_n1ghtw0lf

Senior Malware Researcher

Ali Aqeel

@aaqeel87

Analyst lead @hatching_io.

csgaee @csgaee

over 1 year ago

@c3rb3ru5d3d53c Any updates regarding that blog !?

1

0

60

csgaee retweeted

Thomas Roccia 🤘

@fr0gger_

over 1 year ago

🤓 I was reading the fascinating report from @Volexity about the Nearest Neighbor Attack presented at @CyberWarCon. To keep it documented, I created a quick overview to explain how works the attack to complement their blog post 👇 #threatintel #infosec

fr0gger_'s tweet photo. 🤓 I was reading the fascinating report from @Volexity about the Nearest Neighbor Attack presented at @CyberWarCon.

To keep it documented, I created a quick overview to explain how works the attack to complement their blog post 👇 #threatintel #infosec https://t.co/nfEfeIf1S1

9

412

101

230

40K

csgaee retweeted

Tijme Gommers @tijme

over 1 year ago

My @OrangeCon_nl talk is live! Elevate your knowledge: From COM Object Fundamentals To UAC Bypasses. A 25-minute crash course covering Tokens, Privileges, UAC, COM, and ultimately bypassing UAC! https://t.co/H1VZJdBzTZ

tijme's tweet photo. My @OrangeCon_nl talk is live!

Elevate your knowledge: From COM Object Fundamentals To UAC Bypasses.

A 25-minute crash course covering Tokens, Privileges, UAC, COM, and ultimately bypassing UAC!

https://t.co/H1VZJdBzTZ https://t.co/1NZEFUQ43K

6

427

119

263

33K

csgaee retweeted

Takahiro Haruyama

@cci_forensics

almost 2 years ago

themida-unmutate - Static deobfuscator for Themida/WinLicense/Code Virtualizer's mutation-based obfuscation https://t.co/LVSesdU47J

1

126

62

70

21K

csgaee retweeted

Andreas Sfakianakis / @[email protected] @asfakian

over 2 years ago

FIRST CTI 2023 Video Recordings Playlist: https://t.co/WDX0P7C0Hq via @YouTube . Enjoy! #threatintel #cti #FOR578 #FIRSTCTI23 #FIRSTCTI

0

35

16

20

3K

csgaee retweeted

Daniel López

@0xDanielLopez

over 2 years ago

🎉 #TweetFeed is back! 🎉 After some months, I could bring it back to life again! Easily grab IOCs shared by the #infosec community at 𝕏 / Twitter: • URLs • Domains • IPs • SHA256 hashes • MD5 hashes All served in a FREE feed or via API. ➡️ https://t.co/ozGQxBtRwS

4

117

38

37

17K

csgaee @csgaee

over 2 years ago

@fr0gger_ Happy to help Just evade this by checking if quotes are present conv it to hex and add the real str as a comment for readability ... I feel that is a lazy solution 😂 but I always go the easy way

1

0

33

csgaee @csgaee

over 2 years ago

@0xJunkCod3 @stvemillertime 1+

0

6

csgaee retweeted

yed @frdfzi

over 2 years ago

Remote Monitoring and Management (RMM) tools commonly abuse by Threat actors. RMM_LOLBAS: https://t.co/oc7etgaQ5b

2

136

48

63

10K

csgaee @csgaee

over 2 years ago

@MichalKoczwara Would be great

0

3

0

548

csgaee @csgaee

over 2 years ago

@xbatmanTheReal @alien0x_ Corellium

0

1

0

69

csgaee @csgaee

over 2 years ago

@jxy__s @SystemInformer What about a button that holds info about terminated processes ... And shortcut to collapse child parent relationship

1

0

65

csgaee retweeted

Joe Słowik 🌻 @jfslowik

over 2 years ago

#CTI #ThreatIntelligence #Infosec

12

356

54

24

29K

csgaee @csgaee

over 2 years ago

@cyber_anubis low P & low R -> We don't care about hygiene standards 😂 high P & high R -> We care about hygiene to the end, and we do nothing other than that😂

csgaee's tweet photo. @cyber_anubis low P & low R -> We don't care about hygiene standards 😂
high P & high R -> We care about hygiene to the end, and we do nothing other than that😂 https://t.co/74lVGrXzQd

1

0

77

csgaee @csgaee

over 2 years ago

@cyber_anubis let's call those param "P" & "R" high P & low R -> My org needs to hunt this specific cluster as part of intel collection low P & high R -> suppress coverage regarding X, Y, and Z variants of the family ... our analytics solution needs quantity coverage

1

0

59

csgaee

@csgaee

Who to follow

Last Seen Users on Sotwe

Trends for you

Most Popular Users