unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
1 little known secret of runonce.exe (32-bit)
When you execute 32-bit version of runonce.exe on a 64-bit version of Windows and pass to i...
2023-12-26 23:22:47 | 阅读: 10 |
收藏
|
Hexacorn - www.hexacorn.com
iernonce
library
runonce
loaded
1 little known secret of regsvr32.exe
The little known secret of regsvr32.exe is…You ready?You can load multiple DLLs at...
2023-12-26 06:23:50 | 阅读: 28 |
收藏
|
Hexacorn - www.hexacorn.com
hhctrl
ocx
regsvr32
windows
yup
2 less known secrets of Windows command command-driven line tools…
Many Windows tools support commands f.ex.:reg.exe – QUERY, ADD, DELETE, COPY, SAVE, RE...
2023-12-25 19:15:35 | 阅读: 10 |
收藏
|
Hexacorn - www.hexacorn.com
identical
detections
getkeyname
Copyright banners – re-visited
Over a decade ago I posted some random copyright banner stats from my (relatively small by...
2023-12-19 08:52:9 | 阅读: 14 |
收藏
|
Hexacorn - www.hexacorn.com
banners
xmrig
llc
jean
adler
Custom Install Path & portability issues
If you’ve been reading my blog for a while now you will know that I love to challenge my threat...
2023-12-14 08:8:10 | 阅读: 11 |
收藏
|
Hexacorn - www.hexacorn.com
niauth
instruments
software
labview
ni
Proof of life…
‘Blade Runner’ – the cult classic movie – teaches us that the (non-)human traits/behaviors can b...
2023-12-2 08:6:39 | 阅读: 10 |
收藏
|
Hexacorn - www.hexacorn.com
software
download
telemetry
producing
File System artifacts for known security software
Inspired by Phill Moore’s new project called Ruler, I combed my collection of all old Hijac...
2023-11-26 18:59:37 | 阅读: 10 |
收藏
|
Hexacorn - www.hexacorn.com
phill
hijackthis
ruler
progressive
rebranding
Looking for the randomness in the most non-AI/ML way…
Here’s an old-school file name-based research… it is not game changing, it won’t bring any immed...
2023-11-25 08:27:57 | 阅读: 12 |
收藏
|
Hexacorn - www.hexacorn.com
infixes
5m
icreinstall
regexes
immediate
The world of partially downloaded files…
Anytime you download a file via a browser, instant messenger, or other apps… it is first sa...
2023-11-23 07:23:3 | 阅读: 7 |
收藏
|
Hexacorn - www.hexacorn.com
download
microsoft
instant
messenger
brave
Lolbins for connoisseurs… Part 3
I love exploring unexplored software paths. And not necessarily on the assembly level – and that...
2023-11-16 06:52:24 | 阅读: 7 |
收藏
|
Hexacorn - www.hexacorn.com
software
portablegit
depthai
mingw64
Who am I? Asking for my file friend: whoami.exe…
There is a lot talk about whoami.exe recently, so here’s one more post about it…When we talk...
2023-11-12 07:28:40 | 阅读: 18 |
收藏
|
Hexacorn - www.hexacorn.com
whoami
windows
winsxs
microsoft
Email domains AD 2023
Back in a day (90s/2000s), if you wanted an email, there were lots of (free) email providers ava...
2023-11-4 07:21:29 | 阅读: 52 |
收藏
|
Hexacorn - www.hexacorn.com
yahoo
hotmail
rr
nl
jp
Beyond the good ol’ .bashrc entry… Part 3
UpdateAfter I posted it, @netspooky pinged me with some additional info. Apparently, th...
2023-10-29 05:15:23 | 阅读: 15 |
收藏
|
Hexacorn - www.hexacorn.com
stephan
apparently
oriented
autostart
nodisplay
Beyond the good ol’ .bashrc entry… Part 2
Okay, okay, yup, it is a series now. Part two is here!Browsing available Ubuntu apps on...
2023-10-28 06:21:47 | 阅读: 13 |
收藏
|
Hexacorn - www.hexacorn.com
chm
kchmviewer
okay
yup
horrible
Hunting for Windows API prototypes and descriptions…
Over the years I have made a lot of attempts to systematically extract Windows API information f...
2023-10-26 07:49:37 | 阅读: 22 |
收藏
|
Hexacorn - www.hexacorn.com
windows
microsoft
par
kinda
createfile
Mapping Chrome extension IDs to their names, Part 2
Nearly 2 years ago I published the first part, so it’s time for a quick update. And thi...
2023-10-21 06:19:51 | 阅读: 12 |
收藏
|
Hexacorn - www.hexacorn.com
publishing
What Champagne to drink?
Reading articles about criminals enjoying (I really hope they are not just flexing) drinking the...
2023-10-18 06:49:54 | 阅读: 12 |
收藏
|
Hexacorn - www.hexacorn.com
champagne
pérignon
vintage
drinking
favorite
Dexray v2.33
Even in 2023 Dexray seems to be delivering value to DFIR practitioners. I am always very hu...
2023-10-14 06:43:54 | 阅读: 5 |
收藏
|
Hexacorn - www.hexacorn.com
dexray
quarantined
humbled
perl
security
Beyond the good ol’ .bashrc entry… Part 1
I really don’t know if this is the first post in the series, or just a one-off that is also, the...
2023-9-30 07:18:54 | 阅读: 11 |
收藏
|
Hexacorn - www.hexacorn.com
dconf
windows
footprint
cousin
ZydisInfo – the disassembler that breaks the code, twice
The moment I heard of machine code and its opcodes… I fell in love. Being able to understand mac...
2023-9-28 06:38:17 | 阅读: 19 |
收藏
|
Hexacorn - www.hexacorn.com
opcodes
zydisinfo
machine
joel
surprise
Previous
4
5
6
7
8
9
10
11
Next