Today I've launched malapi.io. I've been analyzing malware source code that utilizes WinAPIs and have been categorizing them. Please feel free to contribute as I know the current list is not exhaustive.

My writeup for the crypto challenges for the 2021 Synack Red Team #RedTeamFive Open Invitational #CTF This involves a meet-in-the-middle attacks, RSA factorization from known private key, hash collisions, and ECDSA key recovery from nonce reuse. pberba.github.io/crypto/2021/11…

I have checked every single page of this repo Real world scenarios with proper reference Must give it a look and support author Muhammad Daffa for his excellent work #bugbountytips #infosec #cybersecurity github.com/daffainfo/AllA…

An intro to hunting persistence in linux using sysmon, auditd and/or osquery. We explore "detecting web shells" as the first technique. pberba.github.io/security/2021/…

Found an interesting location in linux of persistence. Executables dropped in "/lib/systemd/system-generators/" will run at the start of the init of systemd, before any service is run. Example how use it to create a service and disable sensor services: pberba.github.io/security/2022/…