59e5aaf4
Is there such a thing as a legitimate use of `%n` which isn't for exploit development? Internet experts seem to consider that question an open question: * https://stackoverflow.com/questions/3401156/what-is-the-use-of-the-n-format-specifier-in-c *...
Hi all, and thank you very much for this nice piece of code. I had all the errors in the world when parsing TLS traffic with some Python 2 code, so...
Thanks for that lib! I figured out with Scalene that, maybe, loading N (= 10000+) times the same `schema.json` file from disk when instantiating a class,...
Hello, while we're talking about exporting objects (assets, iocs, events), the `last_update` field is really important to use (to ensure sync with third party threat intel locations), and looks like...
If that is a CrowdStrike alert (no idea how I thought of this ahem ahem ahem cough cough) then it's not related to this specific path, there's a DCOM operation...
Ah, I'd love to do so, as writing PE parsers is part of these days' hackers' rite of passage, but my company isn't ok with me working on FLOSS software...
Hi, we'd as well like task templates. We don't really care about the UI, but anything better than having to copy-paste text blobs would be good. Phantom (now Splunk SOAR)...
http://web.archive.org/web/20210727184134/https://www.fireeye.com/content/dam/fireeye-www/services/freeware/shimcache-whitepaper.pdf
Also, ahem, https://eu-1.ideas.crowdstrike.com/ideas/IDEA-I-10248, there's no support for the `Range` HTTP header, preventing partial downloads (on either the normal API or the WebUI API). Another missing pretty relevant header would...
Might be related to https://github.com/CrowdStrike/psfalcon/issues/421 where CRLF endings in the .sh / .zsh scripts as shipped by the PowerShell module package, while they're not present in the GitHub version of...