2021-12-20 | YouTube (Malienist) | Vishal Thakur
@comment{Online video. Family tag shown beneath this entry on the page: REvil.}
@online{thakur:20211220:revil:f1916d3,
  author       = {Thakur, Vishal},
  title        = {{Revil Linux Ransomware: Revix}},
  date         = {2021-12-20},
  organization = {YouTube (Malienist)},
  url          = {https://www.youtube.com/watch?v=mDUMpYAOMOo},
  urldate      = {2021-12-20},
  language     = {English},
}
Revil Linux Ransomware: Revix
REvil
2021-12-11 | YouTube (AGDC Services) | AGDC Services
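@comment{AGDC Services is the channel name, so it is double-braced to stay one unit instead of being split into given and family name. The ampersand in the title is escaped so LaTeX does not read it as an alignment tab. Family tag shown beneath this entry on the page: QakBot.}
@online{services:20211211:how:358bd74,
  author       = {{AGDC Services}},
  title        = {{How To Extract \& Decrypt Qbot Configs Across Variants}},
  date         = {2021-12-11},
  organization = {YouTube (AGDC Services)},
  url          = {https://www.youtube.com/watch?v=M22c1JgpG-U},
  urldate      = {2021-12-20},
  language     = {English},
}
How To Extract & Decrypt Qbot Configs Across Variants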
QakBot
2021-12-08 | YouTube (DuMp-GuY TrIcKsTeR) | Jiří Vinopal
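@comment{Online video. The stray space after the opening parenthesis of the channel name is removed in organization. Family tag shown beneath this entry on the page: Agent Tesla.}
@online{vinopal:20211208:full:4bf6148,
  author       = {Vinopal, Jiří},
  title        = {{Full malware analysis Work-Flow of AgentTesla Malware}},
  date         = {2021-12-08},
  organization = {YouTube (DuMp-GuY TrIcKsTeR)},
  url          = {https://youtu.be/QQuRp7Qiuzg},
  urldate      = {2021-12-08},
  language     = {English},
}
Full malware analysis Work-Flow of AgentTesla Malware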
Agent Tesla
2021-11-22 | YouTube (DuMp-GuY TrIcKsTeR) | Jiří Vinopal
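@comment{Online video, part 2 of a two-part series by the same author. The stray space after the opening parenthesis of the channel name is removed in organization. Family tag shown beneath this entry on the page: Agent Tesla.}
@online{vinopal:20211122:powershell:b15c355,
  author       = {Vinopal, Jiří},
  title        = {{Powershell and DnSpy tricks in .NET reversing – AgentTesla [Part2]}},
  date         = {2021-11-22},
  organization = {YouTube (DuMp-GuY TrIcKsTeR)},
  url          = {https://youtu.be/BM38OshcozE},
  urldate      = {2021-11-26},
  language     = {English},
}
Powershell and DnSpy tricks in .NET reversing – AgentTesla [Part2]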
Agent Tesla
2021-11-22 | YouTube (DuMp-GuY TrIcKsTeR) | Jiří Vinopal
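@comment{Online video, part 1 of a two-part series by the same author. The stray space after the opening parenthesis of the channel name is removed in organization. Family tag shown beneath this entry on the page: Agent Tesla.}
@online{vinopal:20211122:powershell:37baf25,
  author       = {Vinopal, Jiří},
  title        = {{Powershell and DnSpy tricks in .NET reversing – AgentTesla [Part1]}},
  date         = {2021-11-22},
  organization = {YouTube (DuMp-GuY TrIcKsTeR)},
  url          = {https://youtu.be/hxaeWyK8gMI},
  urldate      = {2021-11-26},
  language     = {English},
}
Powershell and DnSpy tricks in .NET reversing – AgentTesla [Part1]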
Agent Tesla
2021-11-22 | YouTube (OALabs) | c3rb3ru5d3d53c, Sergei Frankoff
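@comment{Online video. organization is spelled YouTube to match the other entries in this library. The first author is a single-token handle and is kept exactly as given. Family tag shown beneath this entry on the page: karma.}
@online{c3rb3ru5d3d53c:20211122:introduction:1daa38b,
  author       = {c3rb3ru5d3d53c and Frankoff, Sergei},
  title        = {{Introduction To Binlex A Binary Trait Lexer Library and Utility - Machine Learning First Steps...}},
  date         = {2021-11-22},
  organization = {YouTube (OALabs)},
  url          = {https://www.youtube.com/watch?v=hgz5gZB3DxE},
  urldate      = {2021-11-29},
  language     = {English},
}
Introduction To Binlex A Binary Trait Lexer Library and Utility - Machine Learning First Steps...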
karma
2021-11-20 | YouTube (HEXORCIST) | Nicolas Brulez
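@comment{Online video. organization is spelled YouTube to match the other entries in this library. Family tag shown beneath this entry on the page: Emotet.}
@online{brulez:20211120:unpacking:b26d2fb,
  author       = {Brulez, Nicolas},
  title        = {{Unpacking Emotet and Reversing Obfuscated Word Document}},
  date         = {2021-11-20},
  organization = {YouTube (HEXORCIST)},
  url          = {https://www.youtube.com/watch?v=AkZ5TYBqcU4},
  urldate      = {2021-12-20},
  language     = {English},
}
Unpacking Emotet and Reversing Obfuscated Word Document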
Emotet
2021-11-13 | YouTube (AGDC Services) | AGDC Services
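@comment{AGDC Services is the channel name, so it is double-braced to stay one unit instead of being split into given and family name. Family tag shown beneath this entry on the page: QakBot.}
@online{services:20211113:automate:487e01f,
  author       = {{AGDC Services}},
  title        = {{Automate Qbot Malware String Decryption With Ghidra Script}},
  date         = {2021-11-13},
  organization = {YouTube (AGDC Services)},
  url          = {https://www.youtube.com/watch?v=4I0LF8Vm7SI},
  urldate      = {2021-11-19},
  language     = {English},
}
Automate Qbot Malware String Decryption With Ghidra Script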
QakBot
2021-10-30 | YouTube (DuMp-GuY TrIcKsTeR) | Jiří Vinopal
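@comment{Online video. The stray space after the opening parenthesis of the channel name is removed in organization. The title names CryptoCrazy, while the family tag shown beneath this entry on the page is Povlsomware.}
@online{vinopal:20211030:reversing:ce96b92,
  author       = {Vinopal, Jiří},
  title        = {{Reversing CryptoCrazy Ransomware - PoC Decryptor and some Tricks}},
  date         = {2021-10-30},
  organization = {YouTube (DuMp-GuY TrIcKsTeR)},
  url          = {https://youtu.be/oYLs6wuoOfg},
  urldate      = {2021-11-26},
  language     = {English},
}
Reversing CryptoCrazy Ransomware - PoC Decryptor and some Tricks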
Povlsomware
2021-10-21 | Bleeping Computer | Lawrence Abrams
@comment{Online news article. Family tags shown beneath this entry on the page: Raccoon RedLine Stealer.}
@online{abrams:20211021:massive:89295e6,
  author       = {Abrams, Lawrence},
  title        = {{Massive campaign uses YouTube to push password-stealing malware}},
  date         = {2021-10-21},
  organization = {Bleeping Computer},
  url          = {https://www.bleepingcomputer.com/news/security/massive-campaign-uses-youtube-to-push-password-stealing-malware/},
  urldate      = {2021-11-02},
  language     = {English},
}
Massive campaign uses YouTube to push password-stealing malware
Raccoon RedLine Stealer
2021-10-20 | Google | Ashley Shen, Google Threat Analysis Group
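@comment{Blog post. Google Threat Analysis Group is an organisation, so it is braced as a single unit; unbraced it would be parsed as a person with given names Google Threat Analysis and family name Group. The page shows no family tag beneath this entry.}
@online{shen:20211020:phishing:b0fa074,
  author       = {Shen, Ashley and {Google Threat Analysis Group}},
  title        = {{Phishing campaign targets YouTube creators with cookie theft malware}},
  date         = {2021-10-20},
  organization = {Google},
  url          = {https://blog.google/threat-analysis-group/phishing-campaign-targets-youtube-creators-cookie-theft-malware/},
  urldate      = {2021-10-26},
  language     = {English},
}
Phishing campaign targets YouTube creators with cookie theft malware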
2021-10-14 | YouTube (Uriel Kosayev) | Uriel Kosayev
@comment{Online video. Family tags shown beneath this entry on the page: BlackMatter and DarkSide, each listed twice.}
@online{kosayev:20211014:darkside:c4648ce,
  author       = {Kosayev, Uriel},
  title        = {{DarkSide Ransomware Reverse Engineering}},
  date         = {2021-10-14},
  organization = {YouTube (Uriel Kosayev)},
  url          = {https://www.youtube.com/watch?v=NIiEcOryLpI},
  urldate      = {2021-11-02},
  language     = {English},
}
DarkSide Ransomware Reverse Engineering
BlackMatter DarkSide BlackMatter DarkSide
2021-09-27 | YouTube (OALabs) | Sergei Frankoff
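@comment{Online video. organization is spelled YouTube to match the other entries in this library. Family tag shown beneath this entry on the page: Squirrelwaffle.}
@online{frankoff:20210927:live:83ccb1f,
  author       = {Frankoff, Sergei},
  title        = {{Live Coding A Squirrelwaffle Malware Config Extractor}},
  date         = {2021-09-27},
  organization = {YouTube (OALabs)},
  url          = {https://www.youtube.com/watch?v=9X2P7aFKSw0},
  urldate      = {2021-10-05},
  language     = {English},
}
Live Coding A Squirrelwaffle Malware Config Extractor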
Squirrelwaffle
2021-09-22 | YouTube (John Hammond) | John Hammond
@comment{Online video. Family tag shown beneath this entry on the page: DCRat.}
@online{hammond:20210922:snip3:319b687,
  author       = {Hammond, John},
  title        = {{Snip3 Crypter/RAT Loader - DcRat MALWARE ANALYSIS}},
  date         = {2021-09-22},
  organization = {YouTube (John Hammond)},
  url          = {https://www.youtube.com/watch?v=ElqmQDySy48},
  urldate      = {2021-09-23},
  language     = {English},
}
Snip3 Crypter/RAT Loader - DcRat MALWARE ANALYSIS
DCRat
2021-09-01 | YouTube (Black Hat) | Tsuyoshi Taniguchi, Christian Doerr
@comment{Online video of a conference talk. Family tags shown beneath this entry on the page: Cerber Pony.}
@online{taniguchi:20210901:how:98ed0d5,
  author       = {Taniguchi, Tsuyoshi and Doerr, Christian},
  title        = {{How Did the Adversaries Abusing the Bitcoin Blockchain Evade Our Takeover?}},
  date         = {2021-09-01},
  organization = {YouTube (Black Hat)},
  url          = {https://www.youtube.com/watch?v=y8Z9KnL8s8s},
  urldate      = {2021-09-12},
  language     = {English},
}
How Did the Adversaries Abusing the Bitcoin Blockchain Evade Our Takeover?
Cerber Pony
2021-09-01 | YouTube (Black Hat) | Tianze Ding, Junyu Zhou
@comment{Online video of a conference talk. The page shows no family tag beneath this entry.}
@online{ding:20210901:domain:92aa2f7,
  author       = {Ding, Tianze and Zhou, Junyu},
  title        = {{Domain Borrowing: Catch My C2 Traffic if You Can}},
  date         = {2021-09-01},
  organization = {YouTube (Black Hat)},
  url          = {https://www.youtube.com/watch?v=eVr0kKdgM2I},
  urldate      = {2021-09-14},
  language     = {English},
}
Domain Borrowing: Catch My C2 Traffic if You Can
2021-09-01 | YouTube (Black Hat) | Aragorn Tseng, Charles Li
@comment{Online video of a conference talk. Family tags shown beneath this entry on the page: Cobalt Strike PlugX Waterbear.}
@online{tseng:20210901:mem2img:7817a5d,
  author       = {Tseng, Aragorn and Li, Charles},
  title        = {{Mem2Img: Memory-Resident Malware Detection via Convolution Neural Network}},
  date         = {2021-09-01},
  organization = {YouTube (Black Hat)},
  url          = {https://www.youtube.com/watch?v=6SDdUVejR2w},
  urldate      = {2021-09-12},
  language     = {English},
}
Mem2Img: Memory-Resident Malware Detection via Convolution Neural Network
Cobalt Strike PlugX Waterbear
2021-09-01 | YouTube (Black Hat) | Anurag Khanna, Thirumalai Natarajan Muthiah
@comment{Online video of a conference talk. The page shows no family tag beneath this entry.}
@online{khanna:20210901:threat:e4d67de,
  author       = {Khanna, Anurag and Muthiah, Thirumalai Natarajan},
  title        = {{Threat Hunting in Active Directory Environment}},
  date         = {2021-09-01},
  organization = {YouTube (Black Hat)},
  url          = {https://www.youtube.com/watch?v=lBIaLmvVpBE},
  urldate      = {2021-09-22},
  language     = {English},
}
Threat Hunting in Active Directory Environment
2021-08-28 | YouTube (Kevin Bock) | Kevin Bock
@comment{Online video of a talk; the title carries the venue marker FOCI 21. The page shows no family tag beneath this entry.}
@online{bock:20210828:even:8ce1f2c,
  author       = {Bock, Kevin},
  title        = {{Even Censors Have a Backup: Examining China’s Double HTTPS Censorship Middleboxes - FOCI 21}},
  date         = {2021-08-28},
  organization = {YouTube (Kevin Bock)},
  url          = {https://www.youtube.com/watch?v=ASskHbwnrV4},
  urldate      = {2021-10-13},
  language     = {English},
}
Even Censors Have a Backup: Examining China’s Double HTTPS Censorship Middleboxes - FOCI 21
2021-08-23 | YouTube (SANS Digital Forensics and Incident Response) | Chad Tilbury
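@comment{Online video of a keynote. organization is spelled YouTube to match the other entries in this library. Family tag shown beneath this entry on the page: Cobalt Strike.}
@online{tilbury:20210823:keynote:23c0084,
  author       = {Tilbury, Chad},
  title        = {{Keynote: Cobalt Strike Threat Hunting}},
  date         = {2021-08-23},
  organization = {YouTube (SANS Digital Forensics and Incident Response)},
  url          = {https://www.youtube.com/watch?v=borfuQGrB8g},
  urldate      = {2021-08-25},
  language     = {English},
}
Keynote: Cobalt Strike Threat Hunting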
Cobalt Strike