Corey HartmanTearing Apart LastPassPassword managers not too long ago didn’t exist and it resulted in one of a few less than… optimal… paths taken to ensure a user didn’t…Dec 31, 2023Dec 31, 2023
Corey HartmanThanks All!Thank you everyone who came out to my Black Hat and Defcon Presentations!Aug 14, 2023Aug 14, 2023
Corey HartmanA PCAPS TaleSo I decided to randomly grab a PCAP from https://www.malware-traffic-analysis.net/ and analyze it, specifically the sample…Jun 9, 2023Jun 9, 2023
Corey HartmanBlack Hat Arsenal 2023Hey all, just wanted to say I got accepted to present at Black Hat Arsenal again this year so if you attend Black Hat come stop by and say…Jun 8, 2023Jun 8, 2023
Corey HartmanHyper-V Entire Host Disk AccessSo I quickly wanted to cover a quick little issue I came across over the past week. If a general user with non-administrative privileges…May 29, 2023May 29, 2023
Corey HartmanHTTP Covert Channels — Hiding C2 and exfiltration in plain sightI put together a quick little demo of covert channels over HTTP and why they can be not exactly easy to pick out when viewing network…Dec 23, 2022Dec 23, 2022
Corey HartmanSelf Mutating Code: Obfuscation Fun — PART 02In part 01 of this blog post, I covered how you can utilize a function overwrite with shellcode to obfuscate code to make reverse…Dec 23, 2022Dec 23, 2022
Corey HartmanSelf Mutating Code: Obfuscation Fun — PART 01Reverse engineering code can be complicated enough, but what can make things really weird is when the instructions you see in code being…Dec 23, 2022Dec 23, 2022
Corey HartmanReversing A Malicious Office Document — Part 02In Part 01 we tore apart a new Emotet variant’s malicious Office document dropper file, this time in part 02, lets take a look at the…Dec 22, 2022Dec 22, 2022