Preface

What is this and why does it exist?

All links, the content behind them, and the opinions expressed there are not mine.
If you follow an external link, it is your problem, not mine, if you do not like what you find there.
Please be aware that this is just a list of topics I find interesting.

All mentioned security tools can be found here: https://github.com/MrMarco74/security-geraffel
Tools

WxTCmd is a parser for the new Windows 10 Timeline feature database
–> WxTCmd - Forensic Blogs <–

DARKSURGEON is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense
–> DARKSURGEON - github <–

Tool written in python3 to determine where the AV signature is located in a binary/payload
–> AVSignSeek - github <–

Cross Architecture Shellcode in C
–> xarch_shellcode - github <–

A POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing
–> airbash - github <–
Talks & Knowledge

Find Evil – Know Normal
–> KnowHow Poster - SANS <–

POP SS/MOV SS Vulnerability
–> POP SS/MOV SS Vulnerability - everdox <–

DefCon25_UAC-0day-All-Day_v1.2
–> UAC-0day-All-Day - github / DefCon 25 <–
Threats

Backdoor in ssh-decorator package
–> Backdoor in ssh-decorator package - Reddit <–

DHCP Client Script Code Execution Vulnerability - CVE-2018-1111
–> CVE-2018-1111 - RedHat <–

Attackers use UPNP to sidestep DDoS defenses
–> UPNP sidestep DDoS defense - Threat Post <–

PRB-Backdoor - A Fully Loaded PowerShell Backdoor with Evil Intentions
–> PRB-Backdoor - Security 0wnage <–