Chapter 5: Deobfuscating PowerShell Scripts/Payloads

[AndrewRathbun]

@gh0x0st can you update this issue with your topic of choice? As interest grows, I want to make sure topics aren't duplicates for new people coming in.

[ApexPredator-InfoSec]

I'm pretty sure he was going to do deobfuscating powershell scripts/payloads.

[AndrewRathbun]

Hey there! I'm tentatively setting 7/31/2022 as a milestone for publishing v1.0 of this book. We'll have the title decided in the next couple weeks which will be the first of multiple administrative tasks we'll complete in July. At this point, please let me know if you intend to have at least a working, editable version of your chapter by 7/31/2022.

If not, please know that's perfectly fine. It doesn't mean your chapter won't get published, it just won't get published in v1.0. It'll simply be added when it's ready to be published and I'll push out a new version of the book, (i.e., V1.3, v1.7, etc) with your new content. I hope we have about 10 ready to go by 7/31/2022 so we can push to publish v1.0 shortly thereafter, but I won't know that until I hear from you! So, please let me know!

[ApexPredator-InfoSec]

When I talked to him last week he said he had content done and wanted to edit\clean it up before uploading. I'll ping him again and let him know he can going ahead an upload so you and the rest of the crew can help with the editing.

[gh0x0st]

My apologies for the delay. I got a bit behind when my 9 month old was hospitalized. I will have it uploaded by 7/1 for editing / review.

[AndrewRathbun]

My apologies for the delay. I got a bit behind when my 9 month old was hospitalized. I will have it uploaded by 7/1 for editing / review.

No apologies needed. I have a little one myself. They are more important than anything we have going on here. Take your time!

[gh0x0st]

I have uploaded the initial draft of the content for chapter 8. Thank you all again for being patient and understanding with me. Without everyone out of the hospital things are starting to get back to normal.

[AndrewRathbun]

I have uploaded the initial draft of the content for chapter 8. Thank you all again for being patient and understanding with me. Without everyone out of the hospital things are starting to get back to normal.

Family first. ALWAYS. Hope things are on the mend for you very soon.

I will mark your chapter as writing finished and editing needed. Thank you for your efforts!

[AndrewRathbun]

@gh0x0st I've done a pass through your chapter. Great stuff! Thank you for doing this chapter :)

[AndrewRathbun]

I need to figure out why your 2 images aren't parsing properly in the PDF, but it won't happen tonight. I'm exhausted...will tackle it tomorrow.

[gh0x0st]

Thank you for taking the time to go through it! This was a very fun topic. I made a typo in the markdown that I fixed after you generated the PDF so it may be all set. Is there anything I need to do in the repo or leanpub? Also, I have a habit of critiquing myself after something is submitted so I may make a few minor formatting changes if that's ok.

[AndrewRathbun]

You can make changes whenever you want. We own the publishing tempo. Obviously, we've not published yet but whenever you want to make a change, just make it and we'll update the files on Leanpub. I think you're all set at this point. Make whatever changes you want whenever be it a week from now or 2 years from now. If you want to write another chapter, go crazy! Nothing says you can't update your current chapter or write another. This is OUR book that we can do what we want with.

[gh0x0st]

Sounds good to me! I'm really excited for this book as well as all the amazing collaboration we have going on. I have a few ideas in mind for another chapter or two. I'll think them through and will hit you up on Discord.

[AndrewRathbun]

As we approach publishing v1 of this book, please review the most recent files uploaded to this folder and ensure your chapter looks the way you want it to. If not, please make appropriate adjustments and advise me to regenerate the preview book files.

Additionally, if you've not been invited to the book on Leanpub yet, please provide me with an email address so I can invite you on there.

Thank you for completing your chapter! I hope this has been a fulfilling experience for you!

[gh0x0st]

I gave it another read through and will sleep on it. Will comment again tomorrow after one more review.

[AndrewRathbun]

I need to figure out why your 2 images aren't parsing properly in the PDF, but it won't happen tonight. I'm exhausted...will tackle it tomorrow.

Special thanks to @Nisarg12 for fixing this!

https://github.com/Digital-Forensics-Discord-Server/TheHitchhikersGuidetoDFIRExperiencesFromBeginnersandExperts/commit/315b55986969a9f3043df7b188b15ba8fd3474af

[gh0x0st]

I'm good to go .