Jesko Hüttenhain @huettenhain
Too much technology, in too little time. huettenhain.net DE Joined February 2015
Tweets: 477 | Followers: 927 | Following: 29 | Likes: 426
Ever wonder what is buried in a 10 year old file infector? What files has it collected over the years? Join us at 1300 EST today and find out! #OALabsLive #SundaySandboxCentipede
What a great opportunity for a #BinaryRefinery showcase! xt exe | xt | push [ | bat | carve -d string | iffs = | b64 | pop k i | carve -sd b64 | aes --iv=eat:i eat:k | zl | peek -mm ] 📌 github.com/binref/refiner…
Hey #100DaysofYARA friends and fans! I am looking for a successor to take up the 100 days of yara mantle. I’ll still participate of course, but I think the challenge has reached a point where it can grow much more under a more organized eye
What are the hot command line tools that you believe are underrepresented out here? Binary Refinery is one that I feel is still lesser known. If you were like me hoping for a command line version of CyberChef, check this project out: github.com/binref/refinery
@HackingLZ @nas_bench Go go *** Binary Refinery ***
🦔 📹 New Video: Unpacking JScript -> PowerShell -> XWorm with Binary Refinery #MalwareAnalysisForHedgehogs #XWorm youtube.com/watch?v=5ZtmYN…
Backdoor in upstream xz/liblzma leading to ssh server compromise openwall.com/lists/oss-secu…
Debloat removes junk from inflated executables. github.com/Squiblydoo/deb… New enhancements in Debloat v1.5.4 - Solves new cases - Solves some cases faster; 9sec -> 3sec - Simpler icon for GUI version - Reports inflation tactic
Debugging Windows Internals with x64dbg! x.com/i/broadcasts/1…
Binary refinery snippet to decrypt XOR encrypted stack strings of #RisePro stealer. The output is usable as a Python dict.
#AsmResolver 5.5.1 is out! This is a maintenance release, adding #dotnet 8.0 targets and fixes issues related to type signatures, CIL optimizations, as well as some rare edge cases in .NET metadata directory parsing. Get it on GitHub/NuGet: 👉 github.com/Washi1337/AsmR…
Are you decoding payloads by pasting hex dumps into a browser window and clicking on things with your mouse? Would you rather not? Get back that hacker feeling. Try binary refinery. 🏭 github.com/binref/refiner… 🏭 (and if you haven't updated in a while, get that pip going)
Sergei’s going hard. This is insanely high quality and relevant educational content.
We’ve uploaded our second Binary Ninja scripting stream, where we finished our static unpacker with the help of Binary Refinery (@huettenhain) to unpack Qakbot DLLs: youtube.com/watch?v=utqaGg… We also found an interesting packer variant that uses indirect syscalls to load a…
I propose "llol" for "literal lol" when you actually laugh at something on screen. Please use only sparingly, or as a typo.
Introduction to YARA - Part 3 YARA Use Cases #100DaysOfYara
New Video: APT Turla's Kopiluwak🦔📹 This is a suitable beginner sample for writing a C2 extractor with binary refinery or CyberChef 🔗 Chain: VBA ➡️ JS ➡️ JS #MalwareAnalysisForHedgehogs youtube.com/watch?v=ReY0JH…
New Video: Deobfuscation of JScript malware like GootLoader using 3 methods 🦔 ➡️ regex ➡️ AST manipulation ➡️ dynamic deobfuscation #GootLoader #MalwareAnalysisForHedgehogs #AST #JScript youtube.com/watch?v=DjaptW…
Community resource: binref Commonly referred to as the 'command line version of CyberChef', Binary Refinery is a collection of Python scripts for transforming data. github.com/binref/refiner…
@huettenhain I'm checking it out now :) Thanks for pointing out these use cases, really helps to find ways to improve workflows!
Simple #binref one liner to extract a xored shellcode: - emit sc.bin | snip 27: | xor 0x97 | peek -E | dump sc_xored.bin
@hackaroosta It’s called BinaryRefinery! github.com/binref/refinery Written by @huettenhain and it rules There are tutorials in the repo and a great video on it here: youtu.be/4gTaGfFyMK4?si…
@BlueTeamJK More obscure is Binary Refinery, which is a dope project: youtube.com/watch?v=wsfGOW…
#binref pipeline: emit <sample> | rex "\xC7(\x85....|\x45.).{4}\xC7(\x85|\x45).{50}" [| put o offset | rex "\xC7(\x85....|\x45.)(.{4})" {2} [| nop ]| alu -s "0-101" --inc "B^S" | carve -n 4 printable | resub \\ \\ | resub \" \\\" | cfmt {o} : \"{}\", ]]
Everyone likes @CrowdStrike's actor naming - even Russia!
Russia-based Cyber Threat Intelligence firms have an APT name designated for the United States government: Sand Eagle
🛠️ Refinery A collection of Python scripts built to aid with malware triage Pipeable | read from stdin, write to STDOUT Think commandline CyberChef By @huettenhain #cybersecurity #blueteam github.com/binref/refinery
@vxunderground @CrowdStrike Scattered Spider, Aquatic Panda, Nemesis Kitten, and Labyrinth Chollima
@huettenhain @ex_raritas even binwalk calls out to Roshal's UNRAR 6.xx