capa 2.0: Better, Faster, Stronger
July 19, 2021

We are excited to announce version 2.0 of our open-source tool called capa. capa automatically identifies capabilities in programs using an extensible rule set. The tool supports...
FireEye has discovered additional details about the SUNBURST backdoor since our initial publication on Dec. 13, 2020. Before diving into the technical depth of this malware, we...
As noted in Rough Patch: I Promise It'll Be 200 OK, our FireEye Mandiant Incident Response team has been hard at work responding to intrusions ...
Windows Management Instrumentation (WMI) is a remote management framework that enables the collection of host information, execution of code, and provides an eventing system that can respond...
By William Ballenthin & Jeff Hamm. Our last post in the Incident Response with NTFS INDX Buffers series detailed the internal...
By William Ballenthin & Jeff Hamm. On August 30, 2012, we presented a webinar on how to use INDX buffers to...