April 11, 2019

Quick Note on Phobos Ransomware

This is a quick note about Phobos ransomware analysis. If you're interested, I left materials including the sample, the required key file and x64dbg's comments in the repository here.

April 6, 2019

Ghidra Configuration List

Because there's currently no feature to import and export Ghidra configuration, here is a list of the settings that need to be configured manually for a better user experience:

February 26, 2019

Lead by Example Isn't a Problem.

This blog post is dedicated to providing my opinions on Don't Lead by Example by James Cowling. I believe that the situation explained in the article is simplified and that it may have many related environmental and personal factors that aren't mentioned. So, I would like to talk only about the important part of this article: the solution.

January 19, 2019

Deploy Your Own Local MISP with HTTPS Supported by mkcert

In this short tutorial, I will walk through the steps to integrate SSL/TLS into Malware Intelligence Sharing Platform (MISP) with mkcert by Filippo Valsorda. To keep it simple, I will use the Docker version of MISP available here as an example.

Disclaimer: This is a "just works" tutorial.

January 15, 2019

Endpoint Protection, Detection and Response Bypass Techniques Index

I've recently seen a bunch of articles and research on endpoint protection and endpoint detection and response bypass techniques, so I decided to spend my research time documenting these techniques and summarizing how they were done. As far as I know there is no existing categorization of these techniques, so I will simply categorize them by product.