Articles

11 DEC 2019

Excel VBA Loads DLL into Itself

A researcher reached out to share a sample with me recently (thanks M.R.). The researcher was trying to use...
4 JUL 2019

Introducing PSUnveil

PSUnveil is a tool you can use to analyze obfuscated PowerShell scripts. Here's a look at the interface...
5 DEC 2018

CMD Watcher Updated to v0.3

I updated CMD Watcher to give you more flexibility in capturing scripts from Office maldocs...
10 NOV 2018

CMD Watcher Updated

I've gotten several good feedback regarding CMD Watcher so I'm releasing a new...
7 NOV 2018

CMD Watcher and Maldocs

Having spent a good amount of time analyzing a variety of maldocs, I realized that...
2 NOV 2018

Reneo Updated

Reneo has been updated to version 0.2 and includes many new features...
24 JUN 2018

Introducing Reneo

Reneo is a Windows tool to help incident responders, forensics specialists, and...