Mindblown: a blog about philosophy.
- Bypassing modern anti-exploit mechanisms: Modern operating systems employ a variety of anti-exploit mechanisms, known as exploit mitigation techniques, to prevent and limit the success of malicious activity on a system. Yet skilled attackers and malware authors continually develop methods to bypass these defenses. Here are several modern anti-exploit mechanisms and ways they might be circumvented: As a malware analyst,…
- MOVEit Transfer Attack: MOVEit Transfer Attack TTP for Malware Analysts. Overview: MOVEit Transfer is a secure file transfer solution organizations use to exchange sensitive data. While the product is designed to be secure, attackers may still target the users, infrastructure, or underlying systems to compromise the transferred data. The TTP (Tactics, Techniques, and Procedures) for a MOVEit Transfer…
- AS-REP Roasting: AS-REP Roasting is a technique that targets the Kerberos authentication protocol by exploiting user accounts with Kerberos pre-authentication disabled. When pre-authentication is enabled, a user who needs access to a resource initiates the Kerberos authentication process by sending an Authentication Server (AS) request. However, if pre-authentication is disabled, attackers may obtain the password hashes of…
- Advanced Encryption Standard (AES): The Advanced Encryption Standard (AES) is a symmetric-key encryption algorithm established by the U.S. National Institute of Standards and Technology (NIST) in 2001. It was developed by Belgian cryptographers Joan Daemen and Vincent Rijmen, who submitted their Rijndael block cipher during the AES selection process. AES has a fixed block size of 128 bits and…
- Salsa20: Salsa20 is a stream cipher developed by Daniel J. Bernstein in 2005, with a closely related variant called ChaCha introduced in 2008. Both ciphers are based on a pseudorandom function that uses add-rotate-XOR (ARX) operations, which include 32-bit addition, bitwise addition (XOR), and rotation operations. The core function maps a 256-bit key, a 64-bit nonce,…
- Windows API functions: Microsoft CryptoAPI, also known as CryptoAPI, Microsoft Cryptography API, MS-CAPI, or simply CAPI, is an application programming interface (API) included with Microsoft Windows operating systems. It provides services that enable developers to secure Windows-based applications using cryptography. First introduced in Windows NT 4.0, CryptoAPI has been enhanced in subsequent versions. CryptoAPI supports both public-key and…
- Malware Analysis Tools P1: Various tools are used in malware analysis to dissect, analyze, and reverse-engineer malware samples. These tools help analysts gain insight into the malware's functionality, behavior, and potential impact on the infected system.
- Building Home Lab: Building your own digital forensics lab at home is possible if you are interested in digital forensics. A home lab can be a great way to learn more about the field and develop your skills. Here are steps to help you get started: Step 1: Determine Your Goals and Budget. Before building your lab, you…
- Malware Analysis Methods API Part 1: In malware analysis, the techniques covered here relate to the various methods and APIs (Application Programming Interfaces) that malware may use to carry out its malicious activities. Understanding these techniques helps analysts identify, analyze, and reverse-engineer malware samples.
- Forensic image formats: Forensic image formats are used to preserve digital evidence during digital forensic investigations. These formats ensure that the original data is maintained in a reliable and unaltered state, allowing investigators to analyze the evidence without affecting its integrity.