Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
GitHub

Erixcode/Base64_decode_Salt

Decode BASE64 salted with AES, OpenSSL, PBKDF2, ... Use Case: you find a hash which looks like base64 but hashid identifies it as UNKNOWN. AES: Normal "base64 -d" results in unreadable content. the ...
GitHub

rhpenguin/Winlogbeat-javascript-processor-example

HelloWorld module: Add a "greeting: hello, world!" field into Sysmon event logs. Psdecode module: Decode PowerShell's -EncodedCommand (-enc) args, split the decoded args and add them into Sysmon event ...