Jesko Hüttenhain @huettenhain
Too much technology, in too little time. huettenhain.net DE Joined February 2015-
Tweets477
-
Followers927
-
Following29
-
Likes426
Ever wonder what is buried in a 10 year old file infector? What files has it collected over the years? Join us at 1300 EST today and find out! #OALabsLive #SundaySandboxCentipede
What a great opportunity for a #BinaryRefinery showcase! xt exe | xt | push [ | bat | carve -d string | iffs = | b64 | pop k i | carve -sd b64 | aes --iv=eat:i eat:k | zl | peek -mm ] 📌 github.com/binref/refiner…
What a great opportunity for a #BinaryRefinery showcase! xt exe | xt | push [ | bat | carve -d string | iffs = | b64 | pop k i | carve -sd b64 | aes --iv=eat:i eat:k | zl | peek -mm ] 📌 github.com/binref/refiner… https://t.co/DKCSBtIrGA
Hey #100DaysofYARA friends and fans! I am looking for a successor to take up the 100 days of yara mantle. I’ll still participate of course, but I think the challenge has reached a point where it can grow much more under a more organized eye
What are the hot command line tools that you believe are underrepresented out here? Binary Refinery is one that I feel is still lesser known. If you were like me hoping for a command line version of CyberChef, check this project out: github.com/binref/refinery
@HackingLZ @nas_bench Go go *** Binary Refinery ***
🦔 📹 New Video: Unpacking JScript -> PowerShell -> XWorm with Binary Refinery #MalwareAnalysisForHedgehogs #XWorm youtube.com/watch?v=5ZtmYN…
Backdoor in upstream xz/liblzma leading to ssh server compromise openwall.com/lists/oss-secu…
Debloat removes junk from inflated executables. github.com/Squiblydoo/deb… New enhancements in Debloat v1.5.4 - Solves new cases - Solves some cases faster; 9sec -> 3sec - Simpler icon for GUI version - Reports inflation tactic
Debugging Windows Internals with x64dbg! x.com/i/broadcasts/1…
Binary refinery snippet to decrypt XOR encrypted stack strings of #RisePro stealer. The output is useable as Python dict.
#AsmResolver 5.5.1 is out! This is a maintenance release, adding #dotnet 8.0 targets and fixes issues related to type signatures, CIL optimizations, as well as some rare edge cases in .NET metadata directory parsing. Get it on GitHub/NuGet: 👉 github.com/Washi1337/AsmR…
Are you decoding payloads by pasting hex dumps into a browser window and clicking on things with your mouse? Would you rather not? Get back that hacker feeling. Try binary refinery. 🏭 github.com/binref/refiner… 🏭 (and if you haven't updated in a while, get that pip going)
Sergei’s going hard. This is insanely high quality and relevant educational content.
Sergei’s going hard. This is insanely high quality and relevant educational content.
We’ve uploaded our second Binary Ninja scripting stream, where we finished our static unpacker with the help of Binary Refinery (@huettenhain) to unpack Qakbot DLLs: youtube.com/watch?v=utqaGg… We also found an interesting packer variant that uses indirect syscalls to load a…
I propose "llol" for "literal lol" when you actually laugh at something on screen. Please use only sparingly, or as a typo.
Introduction to YARA - Part 3 YARA Use Cases #100DaysOfYara
New Video: APT Turla's Kopiluwak🦔📹 This is a suitable beginner sample for writing a C2 extractor with binary refinery or CyberChef 🔗 Chain: VBA ➡️ JS ➡️ JS #MalwareAnalysisForHedgehogs youtube.com/watch?v=ReY0JH…
New Video: Deobfuscation of JScript malware like GootLoader using 3 methods 🦔 ➡️ regex ➡️ AST manipulation ➡️ dynamic deobfuscation #GootLoader #MalwareAnalysisForHedgehogs #AST #JScript youtube.com/watch?v=DjaptW…
Florian Roth @cyb3rops
180K Followers 2K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇
ςεяβεяμs - м�.. @c3rb3ru5d3d53c
21K Followers 235 Following 💕 Malware Hunter Killer 💕 #binlex & #mwcfg Developer 📽️ YouTuber 👩💻 She/Her 💍@DravenSwiftbow Support my work 👇 ☕️ https://t.co/SfTI8uJa23
Karsten Hahn @struppigel
22K Followers 702 Following Malware Researcher at G DATA. Ransomware hunter. he/him 🦔🌈🏳️⚧️
Jiří Vinopal @vinopaljiri
8K Followers 429 Following Threat Researcher at Check Point @_CPResearch_ #DFIR #Reversing - All opinions expressed here are mine only. https://t.co/iWvwWF1AnN
0xor0ne @0xor0ne
55K Followers 526 Following | CyberSecurity | Reverse Engineering | C and Rust | Exploit | Linux kernel | PhD | My Tweets, My Opinions :) |
Josh Stroschein | The.. @jstrosch
8K Followers 1K Following Reverse engineer at FLARE/@Google | @pluralsight author | 700K+ views on YT 😱 Find FREE resources below👇
GuidedHacking @GuidedHacking
37K Followers 328 Following Reverse Engineering, Game Hacking, Malware Analysis & Exploit Development @ https://t.co/Dl5ED4o7YS
Matthew @embee_research
12K Followers 1K Following Malware Researcher & Reverse Engineer | Creating and Sharing Educational Cyber Content
Myrtus @Myrtus0x0
7K Followers 699 Following Malware Researcher | Developer | @Cryptolaemus1 | @Proofpoint. Will happily talk about malware with anyone. bsky: [email protected]
Gi7w0rm @Gi7w0rm
14K Followers 678 Following Threat Intelligence and #URINT Analyst | See my Linktree for other socials | In case I post false intel, contact me! Support me: https://t.co/5WgDqr0K8p
Silas Cutler // p1nk @silascutler
13K Followers 2K Following Hacker, sometimes researcher @Only_Scans, @mal_share Resident Hacker @InsideStairwell, Adjunct Senior Cyber Threat Researcher @IST_org,
Justin Elze @HackingLZ
52K Followers 5K Following Hacker/CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
dr4k0nia @dr4k0nia
5K Followers 97 Following Security Researcher, student in the meantime 👧🏻 I specialize in .NET malware analysis and tooling My Blog ✍🏻 https://t.co/UetpEwyAGq
Andrew Thompson @ImposeCost
34K Followers 1K Following Head of Research and Discovery @Mandiant/@GoogleCloud. Understanding and countering adversaries. Posts attributable to me—not my employer.
Adam @Hexacorn
24K Followers 1K Following Red Brain, Blue Fingers [email protected] https://t.co/Bm0C9KQDDY RIP Twitter
Gameel Ali 🤘 @MalGamy12
5K Followers 920 Following Threat Researcher @nextronsystems and volunteer at @vxunderground
Dodo on Security 🇵.. @dodo_sec
2K Followers 875 Following Brazilian Security Analyst | Malware Analysis | Responsible for the Slowest Algo in HashDB | Can barely reverse Hello World | PTC
RussianPanda 🐼 �.. @RussianPanda9xx
8K Followers 350 Following Senior Threat Intelligence Researcher at @esthreat | Threat Hunter | Malware Addict
Eva @Diianna5
18 Followers 234 Following Love life, enjoy traveling, enjoy different landscapes and cultural history (hope to meet friends with common interests
Frances Satsky @SatsFranc
94 Followers 5K Following
cl0ak_th3_r3ap3r @ghostin43
15 Followers 197 Following
W3ndige (@w3ndige@inf.. @w3ndige
1K Followers 456 Following Malware Analysis | Reverse Engineering | Security Researcher at @kryptoslogic
Kylearan @xorkyle
3 Followers 114 Following
Recep @Batmanly_72
63 Followers 2K Following
MaximumEffort...Have .. @joewise34
178 Followers 130 Following
JunkCod3 @0xJunkCod3
23 Followers 120 Following Aspiring malware researcher | Blog and other research nonsense | Tweets are my own and all that yadda yadda
Moroco @xmoroco
43 Followers 470 Following
MoneyMoney @TechAnalyst_
364 Followers 3K Following Elliottwave Tech News Stock Markets Tech Professionals & Reporters
Josuke @Jotar056
0 Followers 1K Following
inconsistency @ucgJhe
221 Followers 4K Following My tweets belong to a cranky guinea pig that lives in my imagination.
O O A @Rahysss
1K Followers 784 Following SOC Analyst | Digital Forensic Analyst | IronHack Alumni | Student KNURE
CyberYeagerist @CyberYeagerist
52 Followers 62 Following KKxp64ppQrEUNaZbO5EV62Za65ZjRG/rOKsg65ZjRG/gOLNZ9W/7NW/tPrIUP4xjQqIg65ZjRG/YOKIi62Za65ZjRG/YPqsbR0/aOKRcR0kUSKxp64BVPWRo65RdPW2
Jakub Štrom @Jakubstrom
6 Followers 39 Following
bazingy @bazingy
7 Followers 701 Following
Hussain Alqurashi @qurashi_hm
125 Followers 3K Following
Naman Devnani @naman_devnani
331 Followers 5K Following Security Researcher | Purple Team | Bug Hunter | CTF Player | Science & Tech Enthusiast | R&D | All-Source Intelligence | CAP | DCSP | TTIA | BCDE
Invoke RE @InvokeReversing
441 Followers 45 Following Malware analysis can be hard, but learning it shouldn't be.
Daniel Besmer @besmerd_
7 Followers 143 Following
Philippe Lagadec @decalage2
5K Followers 1K Following Author of oletools, olefile, ViperMonkey, ExeFilter, Balbuzard. #DFIR, #malware analysis, maldocs, file formats, #Python. @[email protected]
Nguyễn Thanh Vuy �.. @DukeSec97
101 Followers 3K Following Cyber Security, malware, bug bounty hunter 🍷
4d@m @sweep_inspector
198 Followers 2K Following IR consultant @mandiant, ex @cisco, avgeek. Views are my own and don't reflect those of my employer.
Chuck Woodraska @ChuckWoodraska
157 Followers 384 Following You're only famous if they know your name, otherwise you're infamous. #ChuckYa #TOAO
cbaulesch @cbaulesch
25 Followers 128 Following
Akshit Singh @akshit_it4ch1
36 Followers 326 Following Reverse engineer and Malware Analyst CTF-Player @InfoSecIITR Sophomore@IITR
annumeena @annumeena19
62 Followers 4K Following
OIHEC hackers @HackersOIHEC
43K Followers 7K Following Hacker mexicano - Fundador de OIHEC antes OMHE - #opensoc #latam #speaker #pentester #blueteam #redteam #criptoanarquista #security
Marwan Nour @__M4rwan
38 Followers 396 Following Cybersecurity engineer. @AUB_Lebanon & @Polytechnique Alumnus.
Berk Albayrak @brkalbyrk7
987 Followers 1K Following Threat Research Team Lead @malwation | TI | OSINT | TA2AQX 📡
kimbo4 @Be4orn
136 Followers 1K Following
Nam Pho @npho_
388 Followers 4K Following Building supercomputers and other scientific computing infrastructure for researchers in the higher education, non-profit, and government spaces.
ŗ̈́o̬̎͂ͦ̚ỏͧ.. @hackaroosta
7 Followers 529 Following the world will see a great result from my hands
André Roth @AndrRoth6
46 Followers 317 Following
Mostafa Farghaly @M4lcode
160 Followers 213 Following Malware Analyst @cyber5w | Reverse Engineer | 17 Yo
David Clesius @DClesius
5 Followers 76 Following
Karsten Hahn @struppigel
22K Followers 702 Following Malware Researcher at G DATA. Ransomware hunter. he/him 🦔🌈🏳️⚧️
Josh Stroschein | The.. @jstrosch
8K Followers 1K Following Reverse engineer at FLARE/@Google | @pluralsight author | 700K+ views on YT 😱 Find FREE resources below👇
Virus Bulletin @virusbtn
59K Followers 1K Following Security information portal, testing and certification body. Organisers of the annual Virus Bulletin conference. @[email protected]
Silas Cutler // p1nk @silascutler
13K Followers 2K Following Hacker, sometimes researcher @Only_Scans, @mal_share Resident Hacker @InsideStairwell, Adjunct Senior Cyber Threat Researcher @IST_org,
dr4k0nia @dr4k0nia
5K Followers 97 Following Security Researcher, student in the meantime 👧🏻 I specialize in .NET malware analysis and tooling My Blog ✍🏻 https://t.co/UetpEwyAGq
Adam @Hexacorn
24K Followers 1K Following Red Brain, Blue Fingers [email protected] https://t.co/Bm0C9KQDDY RIP Twitter
RussianPanda 🐼 �.. @RussianPanda9xx
8K Followers 350 Following Senior Threat Intelligence Researcher at @esthreat | Threat Hunter | Malware Addict
Daniel Mayer @dan__mayer
547 Followers 492 Following https://t.co/K4CorT895N Adversary Simulation @specterops
Matthieu Walter @matth_walter
137 Followers 420 Following
jinmo123 @jinmo123
1K Followers 8 Following
Florian Magin @0x464D
541 Followers 373 Following Hacker and Reverse Engineer of Computers, Brains, Neural Networks and Consciousness
Rolf Rolles @RolfRolles
14K Followers 353 Following Static reverse engineering, deobfuscation, program analysis and formal verification, training, mathematics, compilers, functional programming, etc.
Malwrologist @DissectMalware
15K Followers 164 Following Senior Security Engineer @Amazon. Ex Assistant Professor. Opinions are mine; not my employer's. DM is open. Author of xlmdeobfuscator and https://t.co/eh1fMHMADE
Washi @washi_dev
1K Followers 58 Following Developer - Reverse engineer - CTF player - Scrub. 🔧 I develop #AsmResolver and ✍️ blog about my (crazy) projects. @[email protected]
Cindʎ Xiao @cxiao__
80 Followers 741 Following professional strings(1) operator https://t.co/nGXMlaUKlA
Boymoder RE @boymoderRE
991 Followers 19 Following Boymoder RE does not, has not, and will never exist.
Didier Stevens @DidierStevens
35K Followers 5K Following 5-to-9 security researcher, Microsoft MVP, ISC Handler. Mostly IT security. & programming. & (hardware) hacking. & maldocs PDF/DOC. Avatar: https://t.co/AtaPkdT5g3
The Captain @TheCapta.. @ArrrCaptain
887 Followers 302 Following Digital polyglot and Ghidra alumnus, he/him @[email protected]
Johannes Bader @viql
2K Followers 173 Following Reverse engineer / malware analyst. On the hunt for domain generation algorithms. Currently side project: https://t.co/Cv3COq0ZmR
Marius 'f0wL' Genheim.. @f0wlsec
3K Followers 2K Following Malware REsearch/DFIR @SI_FalconTeam | Staff @vxunderground (Malware & APT Curation) | @chaosdarmstadt | @[email protected]
Karsten @gr4yf0x
815 Followers 887 Following @[email protected] aka K³; Physicist now mostly interested in security stuff
Eric Wastl @ericwastl
29K Followers 0 Following Created https://t.co/Y9jHxpfLdQ, https://t.co/2Cg3Tc4ozv, https://t.co/BSHyKj3GKD, https://t.co/Ru4QENCKrM; Principal Architect @ACVAuctions
Lars @larsborn
469 Followers 87 Following 🐘 https://t.co/lIjSr7UBO2 Malware Analyst, Reverse Engineer, Software Developer, Mathematician, Teacher, Podcaster, send cat pics
Community resource: binref Commonly referred to as the 'command line version of CyberChef', Binary Refinery is a collection of Python scripts for transforming data. github.com/binref/refiner…
Ever wonder what is buried in a 10 year old file infector? What files has it collected over the years? Join us at 1300 EST today and find out! #OALabsLive #SundaySandboxCentipede
@huettenhain I'm checking it out now :) Thanks for pointing out these use cases, really helps to find ways to improve workflows!
Simple #binref one liner to extract a xored shellcode: - emit sc.bin | snip 27: | xor 0x97 | peek -E | dump sc_xored.bin
@hackaroosta It’s called BinaryRefinery! github.com/binref/refinery Written by @huettenhain and it rules There are tutorials in the repo and a great video on it here: youtu.be/4gTaGfFyMK4?si…
@BlueTeamJK More obscure is Binary Refinery, which is a dope project: youtube.com/watch?v=wsfGOW…
What are the hot command line tools that you believe are underrepresented out here? Binary Refinery is one that I feel is still lesser known. If you were like me hoping for a command line version of CyberChef, check this project out: github.com/binref/refinery
@HackingLZ @nas_bench Go go *** Binary Refinery ***
🦔 📹 New Video: Unpacking JScript -> PowerShell -> XWorm with Binary Refinery #MalwareAnalysisForHedgehogs #XWorm youtube.com/watch?v=5ZtmYN…
Debloat removes junk from inflated executables. github.com/Squiblydoo/deb… New enhancements in Debloat v1.5.4 - Solves new cases - Solves some cases faster; 9sec -> 3sec - Simpler icon for GUI version - Reports inflation tactic
Debugging Windows Internals with x64dbg! x.com/i/broadcasts/1…
Binary refinery snippet to decrypt XOR encrypted stack strings of #RisePro stealer. The output is useable as Python dict.
#binref pipeline: emit <sample> | rex "\xC7(\x85....|\x45.).{4}\xC7(\x85|\x45).{50}" [| put o offset | rex "\xC7(\x85....|\x45.)(.{4})" {2} [| nop ]| alu -s "0-101" --inc "B^S" | carve -n 4 printable | resub \\ \\ | resub \" \\\" | cfmt {o} : \"{}\", ]]
Everyone like's @CrowdStrike's actor naming - even Russia!
Russia-based Cyber Threat Intelligence firms have an APT name designated for the United States government: Sand Eagle
🛠️ Refinery A collection of Python scripts built to aid with malware triage Pipeable | read from stdin, write to STDOUT Think commandline CyberChef By @huettenhain #cybersecurity #blueteam github.com/binref/refinery
@vxunderground @CrowdStrike Scattered Spider, Aquatic Panda, Nemesis Kitten, and Labyrinth Chollima
@huettenhain @ex_raritas even binwalk calls out to Roshal's UNRAR 6.xx
Trends for United States
You might like
