CAPE Sandbox @CapeSandbox
Payloads or it didn't happen. https://t.co/PbIPpihthq capesandbox.com/analysis. Joined April 2017.
Tweets: 761 | Followers: 4K | Following: 110 | Likes: 203
Apologies to users of capesandbox.com - unfortunately the server was water damaged in a data centre flood☹️ We appreciate your patience and understanding while we work on recovery🙏 Stay tuned for updates!
capa v7.0 dynamic output now fully integrated in CAPE Sandbox 🎉 For example: capesandbox.com/analysis/475639
Dynamic #capa: Exploring Executable Run-Time Behavior with the @CapeSandbox mandiant.com/resources/blog…
We've uploaded our lecture on Automating Malware Triage from our Introduction to Malware Binary Triage course. Huge shout out to @unpacme @anyrun_app @malpedia @abuse_ch @cybercentre_ca @CapeSandbox @hatching_io @R3MRUM for the amazing projects mentioned youtu.be/8aWnFld4qgc
So far #CAPEsandbox on #GCP = <3
@JershMagersh @unpacme Yeah and if people have data woes @CapeSandbox can be set up in a few days for on prem, completely open source unpacking
Lightweight blog alert! This post goes over fast Bumblebee unpacking and configuration extraction. I've come across posts where authors do the unpacking manually. I use @CapeSandbox. Don't sleep on CAPEv2! nikhilh-20.github.io/blog/fast_furi…
#Vidar config extraction now in CAPE! Thanks to @AnFam17 🙏 For example: capesandbox.com/analysis/388038
#RedLine config extraction now in CAPE For example: capesandbox.com/analysis/378490 A huge thank you to @Gi7w0rm 🙏❤️
My first open-source security project PR with @InsideStairwell has been accepted!! The #CobaltStrike stager decoder is now a part of @CapeSandbox! It works for HTTP(S), DNS, and SMB stagers. Check the screenshots. github.com/kevoreilly/CAP…
Do you love making detection things? Do you hate bad guys? I might have just the job you are looking for. Apply to join me, @switchingtoguns , @CapeSandbox, and the rest of Splunk Attack Analyzer Team (Twinwave) today! jobs.jobvite.com/splunk/job/ovG…
#Nighthawk config extraction by @ka1do9 🙏 capesandbox.com/analysis/343557
#Qakbot config & payload extraction capesandbox.com/analysis/335516
For all users of capesandbox.com - we've recently fixed problems with account registration. If anyone has had issues registering over the last few months, you can now register/use your account. Any problems, please let us know and thank you for your patience 🙏
CAPE updated for new 64-bit #Emotet capesandbox.com/analysis/264631
We are currently doing an OS upgrade on the server at capesandbox.com - please bear with us 🙏
IntelOwl now supports @OnionScan, @CapeSandbox, @decalage2's msodde, @jpcert_en's impfuzzy and more!
#Hancitor & #CobaltStrike config & payload extraction: capesandbox.com/analysis/214812 capesandbox.com/analysis/214814
Another bypass for the latest #Emotet packer anti-VM: capesandbox.com/analysis/214085 - Epoch 4 capesandbox.com/analysis/214064 - Epoch 5
This new book has finally arrived. Thanks to @nostarch as well as @billpollock for making it happen, and to @Lee_Holmes as my tech reviewer.
@malwrhunterteam Contains xor-encrypted config at the end C2: yurtumawat.wwwhost[.]us (-> 91.204.224[.]22)
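Several posts on this page are about automated config extraction (Vidar, RedLine, Qakbot, Nighthawk), and the reply above describes the simplest case of the problem: an XOR-encrypted config blob appended to the end of the sample. The block below is an added example, written in the shape of a CAPE-style extractor (a module exposing `extract_config(data)` that returns a dict), and is not code from the CAPE project or from any of the quoted authors. The file layout it parses (XOR-encoded config followed by a 4-byte little-endian length) is a hypothetical layout chosen for the example, the sample bytes are constructed inline, and the key-recovery heuristic (pick the single-byte key whose output parses as the most `key=value` lines) is an assumption about what the config looks like, not a property of any real family.

```python
"""Recover and parse a single-byte-XOR config appended to a sample.

Added example in the style of a CAPEv2 config extractor; not code from the
CAPE project. Assumed (hypothetical) layout, chosen for this example only:

    [original binary][XOR-encoded config][4-byte little-endian config length]

The XOR key is not stored anywhere, so it is brute-forced by checking which
of the 256 candidates decodes the blob into key=value lines.
"""
import re
import struct

# A plausible config line: lowercase key, '=', printable ASCII value.
LINE_RE = re.compile(rb"^[a-z0-9_]+=[\x20-\x7e]*$")


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte with a single-byte key (XOR is its own inverse)."""
    return bytes(b ^ key for b in data)


def config_score(blob: bytes) -> int:
    """Number of lines in the blob that look like key=value config entries."""
    return sum(1 for line in blob.split(b"\n") if LINE_RE.match(line))


def recover_key(blob: bytes) -> int:
    """Brute-force all 256 keys; choose the one producing the most config-shaped
    lines. Printable-ratio scoring alone is not enough, because many keys map
    printable ASCII back onto printable ASCII, so the structure check matters.
    Ties go to the lowest key (key 0 means the blob was not encoded at all)."""
    return max(range(256), key=lambda k: (config_score(xor_bytes(blob, k)), -k))


def defang(value: str) -> str:
    """Make a network indicator safe to paste into a report or a tweet."""
    return value.replace("http", "hxxp").replace(".", "[.]")


def extract_config(data: bytes) -> dict:
    """CAPE-style entry point: take the raw sample, return a config dict
    (empty dict when no config is found, so the caller can skip the sample)."""
    if len(data) < 4:
        return {}
    (cfg_len,) = struct.unpack("<I", data[-4:])
    if cfg_len == 0 or cfg_len > len(data) - 4:
        return {}
    encoded = data[-4 - cfg_len:-4]
    key = recover_key(encoded)
    decoded = xor_bytes(encoded, key)
    if config_score(decoded) == 0:
        return {}
    config = {}
    for line in decoded.split(b"\n"):
        if not LINE_RE.match(line):
            continue  # skip padding / trailing junk lines
        k, v = line.decode("ascii").split("=", 1)
        if k in ("c2", "url", "host"):
            v = defang(v)
        config[k] = v
    config["xor_key"] = f"0x{key:02x}"
    return config


def build_sample(config: bytes, key: int, body: bytes = b"MZ" + b"\x00" * 64) -> bytes:
    """Constructed test input (not a real sample): a stub body with the
    XOR-encoded config and the hypothetical length trailer appended."""
    encoded = xor_bytes(config, key)
    return body + encoded + struct.pack("<I", len(encoded))


# Constructed config; the domain is an example, not a real indicator.
SAMPLE_CONFIG = b"c2=evil.example.com\nport=8443\ncampaign=test01\n"
SAMPLE = build_sample(SAMPLE_CONFIG, 0x5A)

if __name__ == "__main__":
    print(extract_config(SAMPLE))
```

In a real extractor the layout and key derivation come from reversing the family, and the brute-force step is replaced by the actual key; what carries over is the shape: a pure function from sample bytes to a dict, an empty dict on miss, and defanged indicators so the output can go straight into a report.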
@virusbtn @hasherezade But did it ever stop any static extraction? Nope
@CapeSandbox Nice! Thank you for the mention 💙
#Blueteam the drug I’m addicted to When it all falls down I’ll be fine 🎵 With these folks @AK47Intel @eric_capuano @Brett_Shavers @RobertMLee @edskoudis @malware_traffic @MalwareTechBlog @GossiTheDog @CapeSandbox @lee_whitfield @cyb3rops @James_inthe_box @executemalware @luc4m
I've been fighting with @CapeSandbox installation, configuration and modification in the last few months (thanks Kevin and @D00m3dR4v3n). Considering recording some (basic) tutorials about CAPEv2 right now. #Malware #MalwareAnalysis
I feel like these videos are missing a point. Everyone can trial-and-error write a custom tool that eventually is undetected. Spreading the same tool at large scale and persisting on the endpoint after subsequent security updates (once the custom tool is known) is another thing?
Expectation v/s Reality: EDR Edition: A brief video on Brute Ratel evading Elastic EDR in full prevention mode with cloud analytics enabled: Prevent?✅Cloud/Internet?✅Elastic?✅Detections?❌ #BRc4 youtube.com/watch?v=hAHkJS…
Cybersecurity vs. Zero Day Engineering
I’m happy to share that I’m starting a new position as Most Distinguished Threat Researcher at @BlackBerry #Cylance #CTI
Today marks 5 years of @ScumBots pushing malware indicators to Twitter.
@_Clevero @ASov94 @hatching_io @CapeSandbox Exactly, I've been using CAPE for over 2 years now. It's very polished and feature rich. I recommend it to everyone, as I've been using it as an alternative to Cuckoo since support for Python 2 ended.
#Dridex is getting more unstable by the minute. On clean vanilla systems its injection mechanism (dridex payload living inside explorer) keeps causing process crashes. Must be fun operating a botnet where you think EDR blocked things, but nope, your bot just crashed? 🙃
Check out our latest presentation "Making CENTS of Malware Configurations" with @malwareforme and @zoomequipd at #SuriCon2021 bringing automated @ET_Labs rules to @CapeSandbox github.com/kevoreilly/CAP… youtube.com/watch?v=Sz1jgr…
RE tip of the day: When you start the analysis in IDA, don't forget to manually apply missing FLIRT signatures (Shift+F5 -> Ins). For example, for 32-bit MSVC-based programs, the vc32rtf signature may be particularly useful. #infosec #cybersecurity #malware #reverseengineering