Detecting Meterpreter Malware In Memory With Yara
My plan is fairly simple: read the memory of each process and scan it for static indicators of meterpreter.
Recent Posts
Improving PowerShell Script Obfuscation Part 1
Public PowerShell obfuscators like Invoke-Obfuscation and ISE Steroids do not actually rename the function and variable names, which makes easier to use beca...
Bypassing Kaspersky Antivirus with python.exe and Pupy
Kaspersky antivirus is notorious for being difficult to bypass. Black Hills did an interesting blog post where they experienced difficulty bypassing Kasp...
Google Open Redirect
Edit: Google fixed this by introducing a redirect warning page that requires the user to click the redirected link.
The Three Types of Ransomware
Ransomware encrypts data and demands ransom money for the decryption key. The ransomware threat is growing, and it is increasingly targeting businesses. Whil...