Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-09-03Twitter (@embee_research)Embee_research
Advanced Cyberchef Techniques - Defeating Nanocore Obfuscation With Math and Flow Control
Nanocore RAT
2024-08-04Twitter (@embee_research)Embee_research
Decoding a Cobalt Strike Downloader Script With CyberChef
Cobalt Strike
2024-05-23Twitter (@embee_research)Embee_research
Tracking APT SideWinder With DNS Records
SideWinder
2024-05-21Twitter (@embee_research)Embee_research
Tweets on decoding a Latrodectus loader
Latrodectus
2024-05-15Twitter (@embee_research)Embee_research
Revealing Spammer Infrastructure With Passive DNS - 226 Toll-Themed Domains Targeting Australia
2024-04-11Twitter (@embee_research)Embee_research
Tracking Malicious Infrastructure With DNS Records - Vultur Banking Trojan
Vultur
2024-04-04Twitter (@embee_research)Embee_research
TLS Certificate For Threat Intelligence - Identifying MatanBuchus Domains Through Hardcoded Certificate Values
Matanbuchus
2024-04-01Twitter (@embee_research)Embee_research
Passive DNS For Phishing Link Analysis - Identifying 36 Latrodectus Domains With Historical Records and 302 Redirects
Latrodectus
2024-03-30Twitter (@embee_research)Embee_research
Uncovering APT Infrastructure with Passive DNS Pivoting
2024-03-27Twitter (@embee_research)Embee_research
Uncovering Malicious Infrastructure with DNS Pivoting
LokiBot XWorm
2024-02-26Twitter (@embee_research)Embee_research
Advanced CyberChef Techniques for Configuration Extraction - Detailed Walkthrough and Examples
NetSupportManager RAT
2023-12-20Twitter (@embee_research)Embee_research
Defeating Obfuscated Malware Scripts - Cobalt Strike
Cobalt Strike
2023-12-19Twitter (@embee_research)Embee_research
Free Ghidra Tutorials for Beginners
Cobalt Strike DarkGate
2023-12-08Twitter (@embee_research)Embee_research
Ghidra Basics - Manual Shellcode Analysis and C2 Extraction
Cobalt Strike
2023-12-06Twitter (@embee_research)Embee_research
Ghidra Basics - Identifying, Decoding and Fixing Encrypted Strings
Vidar
2023-11-30Twitter (@embee_research)Embee_research
Advanced Threat Intel Queries - Catching 83 Qakbot Servers with Regex, Censys and TLS Certificates
QakBot
2023-11-27Twitter (@embee_research)Embee_research
Building Threat Intel Queries Utilising Regex and TLS Certificates - (BianLian)
BianLian
2023-11-26Twitter (@embee_research)Embee_research
Identifying Suspected PrivateLoader Servers with Censys
PrivateLoader
2023-11-22Twitter (@embee_research)Embee_research
Practical Queries for Malware Infrastructure - Part 3 (Advanced Examples)
BianLian Xtreme RAT NjRAT QakBot RedLine Stealer Remcos
2023-11-19Twitter (@embee_research)Embee_research
Combining Pivot Points to Identify Malware Infrastructure - Redline, Smokeloader and Cobalt Strike
Amadey Cobalt Strike RedLine Stealer SmokeLoader