-
I'm testing some adversary emulation on Caldera and I'm using Sandcat as the agent to deploy operations. I have this ability with just an executable called Backstab and it runs fine both locally and w…
-
I suggest adding a boot-logging feature to Procmon; it is very useful for analyzing malware that runs during system boot.
Implementation as follows:
1. Through the GUI, register the driver service to start automatically and write the driver configuration (which data to capture, whether to stop automatically after a given duration/size or stop manually, and where to save the log);
2. After the system reboots, the driver starts capturing data according to the configuration and writes the log file to the specified directory (Procmon defaults to the Windows directory, with a .pmb file extension);
3. When the GUI program is run again, detect whether it is a b…
-
### Describe what you noticed and did
![2024-08-06_200740](https://github.com/user-attachments/assets/91d50b05-b0a5-44b2-b245-5414ad9799b4)
If you set automatic deletion for any sandbox, it will fai…
-
1) I downloaded nbs-irc*.zip and extracted to %appdata%\nbs-irc
2) I created a shortcut to: "C:\Program Files (x86)\mIRC\mirc.exe" -r%appdata%\nbs-irc
3) I launch the application and get the following…
ghost updated
8 years ago
-
Dear Tamas K. Lengyel Sir,
From previous instructions by you, we have successfully generated some logs.
In logs we found some extra features like -
1) Syscall Time
2) Sysret Time
3) Delayi…
-
Windows 7 32 bit
I download and install VSCode. Then I install the vscode-vlang extension, and finally clone and build vls.
I write path to vls.exe and activate checkbox "Vls:Enable"
![image](https://u…
-
### Details
when starting fakenet, chrome, and processExplorer and IDA from the taskbar, I get a duplication which is confusing:
![image](https://github.com/mandiant/VM-Packages/assets/16052290/17d…
Ana06 updated
3 weeks ago
-
## Describe your environment
- Version of OpenCppCoverage: 0.9.7
- Architecture (x86/ x64): x64
- Windows version: 7
## Describe your problem
Steps to reproduce:
1. Open procmon.exe (from Wind…
-
I'm still encountering these issues daily with ransomware. What are your thoughts about adding an option to just eliminate the extension of the output file altogether? Many of the samples that I've enco…
-
Windows 7 64.
Hi guys. Jitsi is awesome! And you too. You did great work!
I can't start the Stable version of Jitsi (jitsi-2.10.5550-x86 and jitsi-2.10.5550-x64).
But development version work like ch…