• RSS Keyword Summaries Using Bookworm

    by  • November 25, 2012

    A few weeks ago I needed a way of grabbing a bunch of different articles based on a set of basic keywords for one of my projects. Essentially what I wanted was a way to feed a whole bunch of different RSS feeds into a program, have it download the...

    Can’t Automate? Bookmarklet it!

    by  • October 31, 2012

    I am doing my best at keeping the blog alive and have some projects I will be pushing out in the next week or so, but until then, I thought I would share this quick hack of a script I put together. If you don't automate in the field of security re...

    Flying Through TOR with Jetplane

    by  • September 30, 2012

    When researching targeted malware and its infrastructure, I often find myself writing trackers to poll or look for changes, so I get updated with little delay. For one particular instance I needed to hit a couple systems a few times a day and want...

    Operators Have Feelings Too

    by  • September 23, 2012

    Whenever you do work for a long period of time, you tend to become a bit jaded, and security research is no exception. Rest assured however, this is not a post about being bored or complaining, but instead a reason why I love the work I do. The re...

    Thoughts on Attribution Post-China Visit

    by  • August 28, 2012

    The blog has been silent for about a month now and I have struggled with how to release some of my work without burning TTPs in the process. It's funny, the closer you get to the targets and victims, the less public analysis you end up doing. I am...

    ClassyPDF Tool Up for Grabs

    by  • July 31, 2012

    Back at the tail end of April I had posted about data mining PDF data in order to classify whether or not a document was malicious. In the post I had talked about data and an API, but never released the tool out to the public. It has been a few m...