malware.engineer

Collection of jupyter notebooks and malware analysis notes.

cobaltstrike, minidump, process memory

Use minidump format to improve chances of extracting a complete beacon configuration.

emotet, binary ninja, malware

Extracting Emotet C2 data using Binary Ninja’s HLIL.