Beyond good ol’ Run key, Part 133

March 5, 2021 in Anti-Forensics, Autostart (Persistence)

Java programs compiled into executable form using launch4j have a few interesting features that make them a good target for both persistence and LOLBIN-ish activities. When the executable starts it […]

Beyond good ol’ Run key, Part 132

February 24, 2021 in Anti-Forensics, Autostart (Persistence)

This is a very unpromising persistence mechanism relying on environment variables (again). Combing through OpenSSL source code, I came across two variables that it relies on and they are described […]