

Disabling Network Connectivity Status Indicator (NCSI)
According to this article on MSDN, Microsoft introduced the Network Connectivity Status Indicator in Windows Vista. While there may be a...

Josh Stroschein
Jan 25, 2020 · 1 min read


Finding Usernames with Burp Extensions
What Does this Extension Do? This is a relatively simple Burp extension that I created a while back to learn more about how to actually...

Josh Stroschein
Aug 23, 2019 · 2 min read


Anti-Analysis in an Office Document
Please note: This was a blog post I originally authored for Bromium. Due to changes in how they host their blog content, it has fallen...

Josh Stroschein
Jul 15, 2019 · 3 min read


Identifying a User Form in an Office Document
In this post, we will be looking into ways to identify and analyze the presence of a user form in an Office document. As I discussed in a...

Josh Stroschein
Jun 28, 2019 · 5 min read


Analyzing Malicious Office Documents with OLEDUMP
Microsoft Office documents are a common vehicle used by malware authors to deliver malware. These documents, used for malicious purposes,...

Josh Stroschein
Jun 4, 2019 · 8 min read


Debugging a 32 or 64-bit DLL with WinDbg
Debugging a DLL is not quite as straightforward as an executable, since you have to use rundll32 to load it and invoke DllMain. This is...

Josh Stroschein
Mar 16, 2018 · 2 min read





