0xThiebaut's Blog

Generating IDA Type Information Libraries from Windows Type Libraries

IcedID & Qakbot's VNC Backdoors: Dark Cat, Anubis & Keyhole

Diffing Sysmon's v14.11 ClipboardChange Event for Arbitrary Write

Enforcing a Sysmon Archive Quota

Detecting & Preventing Rogue Azure Subscriptions

Automated Sigma Rule Generation from MISP Threat Intelligence

Automated Anomaly-Detection in DNS Records