t-tani
@_t_tani
Research Engineer / Malware Analyst / Forensic Investigator / Speaker at CODE BLUE, BSidesLV, BlackHat USA Arsenal, PHDays, Virus Bulletin and Botconf
Our malware detection tool YAMA, which can scan memory based on your own YARA rule, is now available! Don't miss out on JPCERT/CC's presentation about the tool at #BlackHatUSA Arsenal at 10am on 9 Aug. ^MT blogs.jpcert.or.jp/en/2023/08/yam… github.com/JPCERTCC/YAMA
JSAC2023 will be held on January 25-26, 2023 (Wed-Thu). Starting today, we are accepting CFP and CFW submissions. From this year we have added a new slot for first-time presenters and a LIGHTNING TALK slot. We look forward to your submissions. ^AS #JSAC2023 jsac.jpcert.or.jp
Here's our YARA rule to detect APT10, APT29, BlackTech, Darkhotel, DragonOK, Lazarus, Tick and others. github.com/JPCERTCC/jpcer…
Today I've launched malapi.io. I've been analyzing malware source code that utilizes WinAPIs and have been categorizing them. Please feel free to contribute as I know the current list is not exhaustive.
New release: #TinyTracer (2.0) - now also allows tracing indirect calls to local functions: github.com/hasherezade/ti…
Our preprint is available here: phanivadrevu.com/files/papers/p… Please reach out with any questions. Also, do attend our presentation which is scheduled for Track-1 on August 13th (Friday) at 11:15 PDT.
Analyzing Malicious Documents Cheat Sheet has been updated to include new tools and techniques: zeltser.com/analyzing-mali…
IDAPython script deobfuscating ADVobfuscator strings, applied to a TrickBoot sample github.com/TakahiroHaruya… We may not be able to reuse it for a different sample that was compiled with a different compiler or with different flags but I think the same approach can be applied.
NSRLJP_202104 released. It’s been 2 years since I updated last time :) kazamiya.net/en/NSRLJP #DFIR
Tenet is an #IDAPro plugin for exploring execution traces. The goal of this plugin is to provide more natural, human controls for navigating execution traces against a given binary. Check it out: blog.ret2.io/2021/04/20/ten… #reverseengineering #idapython
We have summarized the malware and tools used in attacks by the Lazarus attack group that occurred in Japan. IoC information is also included, so please make use of it. ^ST blogs.jpcert.or.jp/ja/2021/03/Laz…
I am pleased to announce the release of DFIR-O365RC: A #PowerShell module to help the #DFIR analyst collect logs for #Office365 investigations. github.com/ANSSI-FR/DFIR-…
We have uploaded videos of all #JSAC2021 talks to YouTube. If you were unable to attend, please take a look. ^ST youtube.com/playlist?list=…
I've updated the #YARA performance guidelines with input from Arnim Rupp. Guidelines: github.com/Neo23x0/YARA-P… We've been working on Panopticon, a YARA performance measurement tool, and Arnim improved the guide according to new findings: github.com/Neo23x0/panopt…
domain-fronted Cobalt Strike team servers since 2020/02 (MS Azure and Fastly) github.com/carbonblack/ac… I hope they will block it
New release: #pe_to_shellcode (#pe2shc) - added DCP support: now the generated shellcode can be injected into a process with DCP ("Dynamic Code Prohibited") enabled github.com/hasherezade/pe…
"Knock, knock, Neo. - Active C2 Discovery Using Protocol Emulation" #JSAC2021 slides jsac.jpcert.or.jp/archive/2021/p… Cobalt Strike team servers with leaked/cracked IDs (over 3,200, 51% of the total) github.com/carbonblack/ac…
Bye-bye botnets👋 Huge global operation brings down the world's most dangerous malware. Investigators have taken control of the Emotet botnet, the most resilient malware in the wild. Get the full story: europol.europa.eu/newsroom/news/…
We have released EmoCheck v2.0. The new version also supports detection of the new Emotet that appeared from December 2020 onward. github.com/JPCERTCC/EmoCh…