Peter Matkovski - YARA for heavily scrambled Web Shell - In previous parts we created detection methods for various Web Shells with AuditD (1.) and with Sigma (2.) rules. - May 22, 2020
Peter Matkovski - Django Speedrun 1: Workflow - We will learn how Django Applications work and how to contribute to an existing project. This guide is coming from notes explaining… - Apr 23, 2020
Peter Matkovski - Detection of Phishing Redirects - Detection of open URL redirects within the email body. - Oct 15, 2019
Peter Matkovski - Email Forensics; 2. Headers and Body - This series of articles explains the basic evaluation of email: headers, body, and various types of attachments. - Oct 8, 2019
Peter Matkovski - Email Forensics; 1. The Gathering - This blog post series explains the basic evaluation of email headers, body, and various types of attachments. - Oct 2, 2019
Peter Matkovski - Detection of PHP Web Shells with SIGMA - We will alert on shell commands executed on behalf of the Web Server by monitoring Audit Daemon logs. - May 2, 2019
Peter Matkovski - PDF Forensics Workshop (Sample n2) - It is suggested to read the first part before progressing further. - Apr 23, 2019
Peter Matkovski - PDF Forensics Workshop (Sample n1) - The goal of this workshop is to manually find exploits and shellcodes within obfuscated JS code delivered in a PDF file. For effective… - Apr 17, 2019
Peter Matkovski - Detection of PHP Web Shells with Access log, WAF and Audit Deamon - If a Web server present in your environment is targeted or falls prey to an exploited vulnerability. As a custodian or guardian of the… - Apr 15, 2019
Peter Matkovski - Threat Hunting ideas crushed by reality - To threat hunt means to proactively search for malware or attackers behind deployed security controls and the detection baseline. It often… - Feb 24, 2019