Analysis of bootloader and partition table; And some fun with Master Boot Record — This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/2022/09/fun-with-mbr/. Malware has been used numerous times by attackers to destroy a computer’s Master Boot Record, rendering it inoperable. By erasing the MBR, the machine is unable…

Basics of assembly and its relation with higher level constucts — This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/2022/09/intro-to-re/. Steps to generate a binary When we write a program using a language like C, it is not C source code which really gets executed. This C code passes through many…

Task 6 for Eudyptula challenge — This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/draft/eudyptula-task-6/. This is Task 06 of the Eudyptula Challenge ------------------------------------------ Nice job with the module loading macros, those are tricky, but a very valuable skill to know about, especially when…

Story of how I examined some basic powershell malware I happened to stumble into on github. — This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/2022/08/analyzing-simple-powershell-malware/. What is a malware? Malware, a portmanteu meaning malicious software, refers to any program that was created with the specific goal of doing harm. Your digital environment is vulnerable to…

Task 3 for Eudyptula challenge — This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/2022/06/eudyptula-task-3/. This is Task 03 of the Eudyptula Challenge ------------------------------------------ Now that you have your custom kernel up and running, it's time to modify it! The tasks for this round is…

Task 4 for Eudyptula challenge — This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/2022/06/eudyptula-task-4/. This is Task 04 of the Eudyptula Challenge ------------------------------------------ Wonderful job in making it this far, I hope you have been having fun. Oh, you're getting bored, just booting…

Task 2 for Eudyptula challenge — This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/2022/06/eudyptula-task-2/. This is Task 02 of the Eudyptula Challenge ------------------------------------------ Now that you have written your first kernel module, it's time to take off the training wheels and move on…

This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/2022/05/hands-on-intro-to-sbom/. The concept of a Bill Of Materials (BOM) is well-established in traditional manufacturing as part of supply chain management. A manufacturer uses a BOM to track…

This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/2022/02/fileless-malwares-how-and-why/. What are file-less malwares? How do they work on linux? According to Wikipedia, file-less malware is a variant of computer related malicious software that exists exclusively…