Powershell deobfuscator github.com/airbus-cert/mi…

This week I have taken out some stuff to build an affordable laser probing system. It is also capable of imaging (but very slow), and I will work on laser voltage probing. Laser fault injection should (will) also be possible.

themida-unmutate - Static deobfuscator for Themida/WinLicense/Code Virtualizer's mutation-based obfuscation github.com/ergrelet/themi…

Our ninja Lucas Georges was on stage today during REcon to talk about physical access control systems security 🔒

Ce sketch de Raymond Devos n'a pas pris une ride.

Have you ever tried setting up a shared and reproductible forensics lab? After hitting several brick walls with Docker, Ansible and others, we ended up finding a solution that ticked all the boxes we wanted: Nix. See for yourselves! skyblue.team/posts/nix-fore… #DFIR #NixOS

Ghidra script: github.com/jdu2600/API-To…

Depuis la sortie du film d'Inoxtag je ne peux m'empêcher de repenser à ce petit passage dans le spectacle d'Haroun. Seuls. (la vidéo est dispo sur son YouTube)

capa v7.3 out! Recently we’ve added: - Drakvuf and VMRay sandbox support - web interfaces for results, rules, and homepage - BinExport2 backend that enables aarch64 and Android analysis via Ghidra - …and of course lots of new rules github.com/mandiant/capa/…

We've just released #flare capa v7.3.0 github.com/mandiant/capa/… Three major enhancements: 1. Support for VMRay sandbox analysis archives 2. Support for BinExport files generated by Ghidra 3. Introducing the capa rules website Plus several smaller fixes/updates and six new rules.

We’ve just released scrings to catch malicious script in memory !

We’re glad to announce we released Soxy!🚀 A Rust-powered suite of services for Citrix, VMware Horizon & Windows RDP. Red teams & pentesters can use it to pivot for deeper access. Get the tool and more details: 🔗 github.com/airbus-seclab/…

📢 Prochain Bière&Sécu mercredi 9 avril 🗓️ (veille de THConvention) ! RDV à partir de 19h au Rooster and Beer🐔🍺 Synacktiv offrira la première tournée de bières 🍻. Il n'y aura pas de présentation cette fois-ci mais n'hésitez pas à proposer des Rumps à THConvention 😉

The 2024 volatility #PluginContest review is complete! We received 6 submissions from 6 countries for 7 #Volatility3 plugins, a Linux profile generation tool & 9 supporting utilities! We'll highlight each #Contender then announce winners on Friday, Mar 28. #DFIR #memoryforensics

.volatility #PluginContest #Contender Sylvain Peyrefitte: ScringsScan + VadScringsScan provide syntax-aware scanning for 6 languages in kernel memory in Linux, macOS & Windows + in-process VADs in Windows, improving in-memory script payloads searching. #DFIR #memoryforensics

We will announce the volatility #PluginContest winners tomorrow, Friday, March 28, so stay tuned! #DFIR #memoryforensics #Volatility3

We are excited to announce that the volatility #PluginContest First Place winner is: Valentin Obst for btf2json Read the full Contest Results: volatilityfoundation.org/the-2024-volat… Congrats to all winners & thank you to all participants! #DFIR #memoryforensics

As highlighted this week, the #PluginContest demonstrates that #memoryforensics researchers continue to innovate + contribute to volatility! Special thanks to the core developers & previous winners who helped review submissions.

We had some awesome submissions to the volatility #PluginContest. The first place submission is a HUGE contribution to #memoryforensics on the Linux side, and solves a hard problem that others have grappled with for some time! #DFIR

Synacktiv is looking for an additional team leader in Paris for its Reverse-Engineering Team! Find out if you are a good candidate by reading our offer (🇫🇷). synacktiv.com/responsable-eq…