Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-06-12The DFIR ReportMaxime Thiebaut
@online{thiebaut:20230612:truly:18a251d, author = {Maxime Thiebaut}, title = {{A Truly Graceful Wipe Out}}, date = {2023-06-12}, organization = {The DFIR Report}, url = {https://thedfirreport.com/2023/06/12/a-truly-graceful-wipe-out/}, language = {English}, urldate = {2023-06-12} } A Truly Graceful Wipe Out
FlawedGrace Silence
2023-05-21Github (0xThiebaut)Maxime Thiebaut
@online{thiebaut:20230521:pcapeek:f4107bc, author = {Maxime Thiebaut}, title = {{PCAPeek}}, date = {2023-05-21}, organization = {Github (0xThiebaut)}, url = {https://github.com/0xThiebaut/PCAPeek/}, language = {English}, urldate = {2023-05-25} } PCAPeek
IcedID QakBot
2023-03-20NVISO LabsMaxime Thiebaut
@online{thiebaut:20230320:icedids:78b47a7, author = {Maxime Thiebaut}, title = {{IcedID’s VNC Backdoors: Dark Cat, Anubis & Keyhole}}, date = {2023-03-20}, organization = {NVISO Labs}, url = {https://blog.nviso.eu/2023/03/20/icedids-vnc-backdoors-dark-cat-anubis-keyhole/}, language = {English}, urldate = {2023-03-21} } IcedID’s VNC Backdoors: Dark Cat, Anubis & Keyhole
IcedID
2021-10-04nvisoMaxime Thiebaut
@online{thiebaut:20211004:phish:4270c8c, author = {Maxime Thiebaut}, title = {{Phish, Phished, Phisher: A Quick Peek Inside a Telegram Harvester}}, date = {2021-10-04}, organization = {nviso}, url = {https://blog.nviso.eu/2021/10/04/phish-phished-phisher-a-quick-peek-inside-a-telegram-harvester/}, language = {English}, urldate = {2021-10-11} } Phish, Phished, Phisher: A Quick Peek Inside a Telegram Harvester
2021-09-02nvisoMaxime Thiebaut
@online{thiebaut:20210902:anatomy:7db38c7, author = {Maxime Thiebaut}, title = {{Anatomy and Disruption of Metasploit Shellcode}}, date = {2021-09-02}, organization = {nviso}, url = {https://blog.nviso.eu/2021/09/02/anatomy-and-disruption-of-metasploit-shellcode/}, language = {English}, urldate = {2021-09-06} } Anatomy and Disruption of Metasploit Shellcode
2021-04-26nvisoMaxime Thiebaut
@online{thiebaut:20210426:anatomy:0ade0a5, author = {Maxime Thiebaut}, title = {{Anatomy of Cobalt Strike’s DLL Stager}}, date = {2021-04-26}, organization = {nviso}, url = {https://blog.nviso.eu/2021/04/26/anatomy-of-cobalt-strike-dll-stagers/}, language = {English}, urldate = {2021-04-29} } Anatomy of Cobalt Strike’s DLL Stager
Cobalt Strike
2020-09-01nvisoDidier Stevens, Maxime Thiebaut, Dries Boone, Bart Parys, Michel Coene
@online{stevens:20200901:epic:038897f, author = {Didier Stevens and Maxime Thiebaut and Dries Boone and Bart Parys and Michel Coene}, title = {{Epic Manchego – atypical maldoc delivery brings flurry of infostealers}}, date = {2020-09-01}, organization = {nviso}, url = {https://blog.nviso.eu/2020/09/01/epic-manchego-atypical-maldoc-delivery-brings-flurry-of-infostealers/}, language = {English}, urldate = {2020-09-01} } Epic Manchego – atypical maldoc delivery brings flurry of infostealers
Azorult NjRAT