After attending Douglas Brush’s talk about mental health in Cyber Security a long time ago I took the chance to have more deeply conversations with my infosec friends, to recap the talks we already had over the years, to re-think my own career in this field and to share my…

The OSINT Dojo set the task on Twitter to find indicators of compromise (IOCs) for an IP address as well as finding other compromised systems by probably the same threat actor. To solve this quiz, I did a search on Shodan for the respective IP address. It seems that the…

Sometimes there are some prerequisites that force you to have Hyper-V running on the host operating system, which results in VMware or VirtualBox not working properly. I guess — when reading this — you already got to know the green turtle with the “V” on its shell. Hyper-V might be…

Security analysts are currently discussing again about creative delivery methods of payloads. For example, it has been observed that right now IcedID is dropped via ISO files. …

I wanted to get my hands dirty and to take the opportunity of analyzing network traffic that has been generated by malware. Therefore, I picked up the Quiethub case from malware-traffic-analysis.net. Some words about what I did: My goal was to just have a look on the network traffic itself…

In December 2021 the OSINT Dojo invited the community to solve a traditional image-based geolocation OSINT challenge. They have asked for latitude and longitude of the place where the picture was taken. This is the quest:

After using Ghidra for pulling out a license key within a very easy reverse engineering challenge, I wanted to use Ghidra’s functionality to also modify binary files to fit my needs. Therefore, I picked up the TryCrackMe challenge from crackmes.one in order to modify it. When running the executable, it…

I have stumbled upon the Twitter account of OSINTDojo and their challenge to find a certain mural along with the respective artist: https://twitter.com/OSINTDojo/status/1452623245220323331 So let’s go. This is the challenge:

As I wanted to get my hands on Ghidra I was searching for challenges that empower me to work with the tool. I came across a website that contains reverse engineering challenges: https://crackmes.one To get started — because it has been a long time since I have used a debugger…