CategoryBlue

pOWershell obFUsCation

This was an interesting rabbit hole I ventured into.  What started as a simple alert for an end user, turned into what felt like a CTF as I decided to dig deeper, and beat this alert like I was going to make an omelet out of it.  While I could have moved onto the next thing, I wanted to not only see what the payload intended to do, but dissect the payload to figure out how it was created.  This is part one, the Blue part of this story.

Continue reading

Binary Ninja Budo

I wanted to sharpen some skills on my journey  among them being my reverse engineering skills.  I started diving deeper into reverse engineering a couple years ago trying a few CTFs in the meantime. As I was stumbling a few colleagues mentioned Binary Ninja and I liked using it right away.

Continue reading