-
Hello,
I am relatively new to GitHub, but I have noticed whenever I use FakeNet and I have network traffic that has an IP in the "HostBlackList" section of the config my FakeNet screen is spammed wi…
-
This issue is related to the latest HTML report feature. As of now, all traffic captured by FakeNet, including traffic from known Windows services and applications, is listed in the HTML report. It wou…
-
## Summary
Generic way to identify shellcode hashing functions.
See #166
## Features
- (tight) loops
- ROR/ROL/SHIFT/XOR/ADD/SUB
- PEB offsets
- PE offsets
-
_Originally posted by @williballenthin in https://github.com/mandiant/capa/pull/1080#discussion_r912047439_
Ideally, we want to be able to install capa simply by doing `pip install flare-capa` and/…
-
Hello, when I click the link to download Victim VM, I get a report that says "Bucket is a requester pays bucket but no user project provided." Can you give me some advice to download it? Thank you.
-
These strings appear to be related to RTTI / reflection. Two things suggest this:
1. their contents, which are Go type names, and
2. working backwards, to see where they're used, are type desc…
-
### Package Name
bochs
### Tool Name
Bochs
### Package type
OTHER (installer)
### Is the tool a console application?
false
### Tool's version number
2.7
### Category
D…
-
### Details
The UAC prompt is annoying/time consuming as we need to launch many of our tools in admin mode. Disabling it has the issue that we won't notice that malware wants to get admin privileges b…
Ana06 updated
9 months ago
-
### Details
As detailed in this [post](https://answers.microsoft.com/en-us/windows/forum/all/disabling-the-office-hotkey-in-windows-10/58e2f30f-8556-4f73-bf0c-56544697218d), the default mapping of `A…
binjo updated
10 months ago