You are browsing the archive for EDR.

Adobe: JSX and JSXBIN files

September 2, 2022 in Autostart (Persistence), EDR, Incident Response

I wrote about older Adobe scripting before. I recently discovered that Adobe products support scripting using so-called ExtendScript language with code being stored either in a source-level JSX file, or […]

Not installing the installers, part 2

May 22, 2022 in Archaeology, Batch Analysis, Clustering, EDR, Forensic Analysis, GoodWare, Sandboxing

In the last post I described how we can pull some interesting metadata from decompiled installers. Today I want to discuss one practical example of how this data can enrich […]