2025-10

Malware & C2

Dynamic Malware Analysis in a Sandbox: A Practical Behavioral Workflow

A hands-on guide to dynamic malware analysis with Procmon, Process Hacker, and Wireshark, plus Blue Team detection.
2025.10.30
Malware & C2
Malware & C2

Writing Effective YARA Detection Rules

A practical guide to writing precise YARA rules using strings, hex patterns, imphash, and conditions for malware detection.
2025.10.22
Malware & C2
Malware & C2

C2 Frameworks Explained: Cobalt Strike, Sliver, and Mythic

A practical tour of Cobalt Strike, Sliver, and Mythic — beacons, listeners, malleable profiles, redirectors, and OPSEC for red and blue teams.
2025.10.20
Malware & C2
Cloud Security

Breaking Serverless: Attacking AWS Lambda from Event Injection to RCE

How attackers turn Lambda event injection into code execution and credential theft, and how blue teams stop it.
2025.10.10
Cloud Security
Cloud Security

Enumerating and Exploiting AWS with Pacu

A practical walkthrough of using Pacu to enumerate AWS identities, IAM permissions, and discover privilege escalation paths.
2025.10.08
Cloud Security