In my last post I referred to something what I call “putting elf on the shelf”. The idea is simple — Windows is a very rich environment when it comes […]

If you ever used shellcode_hashes IDA plugin from Mandiant, you probably have also used make_sc_hash_db.py before. But, if you haven’t, this post is for you. The focus of the article […]