Preface

What is this and why does it exist?

All links, the content behind them and the opinions expressed there are not mine.
If you follow an external link and do not like what you find there, that is your problem, not mine.
Please be aware that this is just a list of topics I find interesting.

All mentioned security tools can be found here: https://github.com/MrMarco74/security-geraffel

Tools

REmatch, a simple binary diffing utility that just works.
–> rematch - github <–

Domain name permutation engine for detecting typo squatting, phishing and corporate espionage
–> dnstwist - github <–

12,805 Free Yara rules created by http://icewater.io
–> icewater yara rules - github <–

PowerShell one-liner to retrieve WDigest passwords from memory
–> mimiDbg - github <–

RetDec is a retargetable machine-code decompiler based on LLVM
–> RetDec - github <–

Talks & Knowledge

Cheat Sheets
–> Cheat Sheets - PacketLife.net <–

Detection and recovery of NSA’s covered up tracks
–> NSA eventlogedit - Fox-IT Blog <–

Sysinternals Sysmon suspicious activity guide
–> Sysmon - Blogs TechNet <–

Threats

Process Doppelgänging: New Malware Evasion Technique Works On All Windows Versions
–> Process Doppelgänging - The Hacker News/BlackHat 2017 <–

How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel Management Engine
–> Intel ME Hack - BlackHat EU 17 <–

HP had a keylogger in the keyboard driver. The keylogger saved scan codes to a WPP trace. The logging was disabled by default but could be enabled by setting a registry value (UAC required).
–> HP keylogger - github <–

CVE-2017-13156 Janus Android Vuln
–> Janus Android Vuln - Guard Square <–

An attempt to implement Process Doppelgänging
–> processrefund - github <–

Collection of 1.4 Billion Plain-Text Leaked Passwords Found Circulating Online
–> 1.4 Billion Passwords - The Hacker News <–

Google Researcher Releases iOS Exploit—Could Enable iOS 11 Jailbreak
–> iOS 11.1.2 Jailbreak - The Hacker News <–

ROBOT (Return of Bleichenbacher’s Oracle Attack)
–> Robot Attack - Robot Attack <–