Josh Stroschein
+1 - very minor but would be helpful :)
I'm actually working on adding the ability to load additional content into memory - for example, this shellcode (https://github.com/jstrosch/malware-samples/tree/master/malware_analysis_exercises/2022/October) uses an egg hunter technique to find the next stage in...
@Ana06 FWIW - updated sclauncher to include the ability to load additional content and made new releases on the project page.
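An added example, not code from sclauncher or from the linked sample, modelling what the two comments above describe: a loader places a second stage somewhere in memory and an egg hunter scans for the doubled tag to locate it without knowing the address in advance. The address space, the tag `w00t`, the addresses and the STAGE bytes are all constructed for the illustration; the `is_mapped` probe stands in for the syscall-based page probing real hunters use to avoid faulting on unmapped memory.

```python
# Added example (not code from sclauncher or the linked sample): a model of how an
# egg hunter locates a second stage that a loader has placed somewhere in memory.
# The address space, the loader and the hunter below are all simulated in Python.

PAGE = 0x1000
EGG = b"w00t"                      # 4-byte tag; the stage is prefixed with it twice
STAGE = b"\x90" * 4 + b"STAGE2"    # constructed stand-in for the real second stage


class Unmapped(Exception):
    """Stands in for the access violation a real hunter would trigger."""


class AddressSpace:
    """Sparse, page-granular memory: only explicitly mapped pages are readable."""

    def __init__(self):
        self.pages = {}

    def map(self, base, size, fill=b"\x00"):
        for page in range(base & ~(PAGE - 1), base + size, PAGE):
            self.pages.setdefault(page, bytearray(fill * PAGE))

    def is_mapped(self, addr):
        return (addr & ~(PAGE - 1)) in self.pages

    def read(self, addr, n):
        out = bytearray()
        for a in range(addr, addr + n):
            if not self.is_mapped(a):
                raise Unmapped(hex(a))
            out.append(self.pages[a & ~(PAGE - 1)][a & (PAGE - 1)])
        return bytes(out)

    def write(self, addr, data):
        for i, b in enumerate(data):
            a = addr + i
            if not self.is_mapped(a):
                raise Unmapped(hex(a))
            self.pages[a & ~(PAGE - 1)][a & (PAGE - 1)] = b


def egg_hunt(mem, egg, start=0, end=0x100000):
    """Scan [start, end) for egg+egg and return the address of the byte after it.

    The tag is required twice so the hunter does not match its own single copy
    of the tag (or any stray occurrence) and jump into garbage.
    """
    marker = egg * 2
    addr = start
    while addr < end:
        # Probe the page first (the role of the access()/NtAccessCheckAndAuditAlarm
        # trick in real hunters); an unmapped page is skipped as a whole.
        if not mem.is_mapped(addr):
            addr = (addr | (PAGE - 1)) + 1
            continue
        try:
            window = mem.read(addr, len(marker))
        except Unmapped:
            # The marker would straddle into an unmapped page: no match can start
            # in the remaining bytes of this page, so move on to the next one.
            addr = (addr | (PAGE - 1)) + 1
            continue
        if window == marker:
            return addr + len(marker)
        addr += 1
    return None


def build_demo_space(stage_addr=0x7F200):
    """Constructed layout: a decoy region holding a single tag, then the real stage."""
    mem = AddressSpace()
    mem.map(0x10000, 0x2000, fill=b"\x90")
    mem.write(0x10800, EGG)                  # single copy, like the hunter's own reference
    mem.map(stage_addr & ~(PAGE - 1), PAGE)  # the page the loader put the stage in
    mem.write(stage_addr, EGG * 2 + STAGE)
    return mem


if __name__ == "__main__":
    space = build_demo_space()
    hit = egg_hunt(space, EGG)
    print(hex(hit), space.read(hit, len(STAGE)))
```

Running the block scans from address 0, skips the unmapped low pages and the decoy region, and returns the address immediately after the doubled tag, which is where a real hunter would transfer control.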
Yes, similar to how we use Yara and its rules to help detect capabilities, families, properties of different static artifacts, Suricata can apply rules to match in network traffic. The...
There are a few options for public rule sets, Emerging Threats Open is the largest. This would be my recommendation for the rule file to download: https://rules.emergingthreats.net/open/suricata-7.0.3/emerging-all.rules. One problem with...
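As an added illustration of the Yara/Suricata analogy in the two comments above, here is a minimal reader and matcher for the rule syntax that emerging-all.rules uses, applied to constructed rules and constructed flows. This is example code, not Suricata's matching engine, and none of the rules are taken from the ET Open file: HOME_NET, the three rules with sids 9000001 to 9000003, the flows and the `app` field used to stand in for Suricata's protocol detection are all assumptions. Only the rule header and the msg, content, nocase, sid and rev keywords are handled.

```python
import ipaddress
import re

# Added example, not Suricata's engine or any ET Open rule: a minimal parser and
# matcher for the rule syntax used by emerging-all.rules, run over constructed
# flows. Only the header and msg/content/nocase/sid/rev are understood.

HOME_NET = [ipaddress.ip_network("10.0.0.0/8"), ipaddress.ip_network("192.168.0.0/16")]

# action proto src sport dir dst dport (options)
HEADER_RE = re.compile(r"^(\w+)\s+(\w+)\s+(\S+)\s+(\S+)\s+(->|<>)\s+(\S+)\s+(\S+)\s+\((.*)\)\s*$")
# keyword, optional ':' value (quoted values may contain ';'), terminating ';'
OPTION_RE = re.compile(r'([\w.\-]+)\s*(?::\s*("(?:[^"\\]|\\.)*"|[^;]*))?\s*;')


def decode_content(raw):
    """Turn 'User-Agent|3a 20|x' into bytes: |..| groups are hex, the rest literal."""
    out = bytearray()
    for part in re.split(r"(\|[0-9A-Fa-f ]+\|)", raw):
        if len(part) > 1 and part.startswith("|") and part.endswith("|"):
            out += bytes.fromhex(part.strip("|"))
        else:
            out += part.encode()
    return bytes(out)


def parse_rule(line):
    m = HEADER_RE.match(line.strip())
    if not m:
        raise ValueError(f"unparseable rule: {line!r}")
    names = ("action", "proto", "src", "sport", "direction", "dst", "dport")
    rule = dict(zip(names, m.groups()), msg="", sid=0, rev=0, contents=[])
    for key, val in OPTION_RE.findall(m.group(8)):
        if key == "msg":
            rule["msg"] = val.strip('"')
        elif key in ("sid", "rev"):
            rule[key] = int(val)
        elif key == "content":
            rule["contents"].append([decode_content(val.strip('"')), False])
        elif key == "nocase" and rule["contents"]:
            rule["contents"][-1][1] = True   # nocase modifies the preceding content
    return rule


def load_rules(text):
    """Skip blank and '#'-commented lines; ET Open ships many disabled rules."""
    lines = (l for l in text.splitlines() if l.strip() and not l.lstrip().startswith("#"))
    return [parse_rule(l) for l in lines]


def net_matches(spec, ip):
    if spec == "any":
        return True
    negate, spec = spec.startswith("!"), spec.lstrip("!")
    addr = ipaddress.ip_address(ip)
    in_home = any(addr in n for n in HOME_NET)
    hit = {"$HOME_NET": in_home, "$EXTERNAL_NET": not in_home}.get(spec)
    if hit is None:
        hit = addr in ipaddress.ip_network(spec, strict=False)
    return hit != negate


def port_matches(spec, port):
    if spec == "any":
        return True
    negate, spec = spec.startswith("!"), spec.lstrip("!")
    lo, sep, hi = spec.partition(":")          # "80", "1024:", ":1023", "6000:6010"
    low = int(lo) if lo else 0
    high = int(hi) if hi else (65535 if sep else low)
    return (low <= port <= high) != negate


def rule_matches(rule, flow):
    # 'app' stands in for Suricata's protocol detection (http, dns, ...).
    if rule["proto"] not in (flow["proto"], flow.get("app")):
        return False
    ends = [(rule["src"], rule["sport"], rule["dst"], rule["dport"])]
    if rule["direction"] == "<>":
        ends.append((rule["dst"], rule["dport"], rule["src"], rule["sport"]))
    if not any(net_matches(s, flow["src"]) and port_matches(sp, flow["sport"])
               and net_matches(d, flow["dst"]) and port_matches(dp, flow["dport"])
               for s, sp, d, dp in ends):
        return False
    for pattern, nocase in rule["contents"]:   # every content keyword must match
        hay, needle = (flow["payload"].lower(), pattern.lower()) if nocase else (flow["payload"], pattern)
        if needle not in hay:
            return False
    return True


def scan(rules, flows):
    return [(r["sid"], r["msg"]) for f in flows for r in rules if rule_matches(r, f)]


# Constructed rules in ET-style syntax; not taken from emerging-all.rules.
SAMPLE_RULES = """
# alert tcp any any -> any any (msg:"disabled rule, must be skipped"; sid:1; rev:1;)
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"EXAMPLE Suspicious User-Agent"; content:"User-Agent|3a 20|evil-bot"; nocase; sid:9000001; rev:1;)
alert tcp $EXTERNAL_NET any -> $HOME_NET 4444 (msg:"EXAMPLE Inbound connection to 4444"; sid:9000002; rev:1;)
alert dns any any -> any 53 (msg:"EXAMPLE DNS query for example-c2"; content:"example-c2"; sid:9000003; rev:1;)
"""

# Constructed flows standing in for decoded traffic.
SAMPLE_FLOWS = [
    {"proto": "tcp", "app": "http", "src": "192.168.1.20", "sport": 51000, "dst": "203.0.113.5", "dport": 80,
     "payload": b"GET / HTTP/1.1\r\nHost: x\r\nUser-Agent: Evil-Bot/1.0\r\n\r\n"},
    {"proto": "tcp", "src": "198.51.100.9", "sport": 40000, "dst": "10.0.0.7", "dport": 4444, "payload": b""},
    {"proto": "udp", "app": "dns", "src": "10.0.0.7", "sport": 53123, "dst": "10.0.0.1", "dport": 53,
     "payload": b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x0aexample-c2\x03com\x00\x00\x01\x00\x01"},
    {"proto": "tcp", "src": "192.168.1.20", "sport": 51001, "dst": "203.0.113.5", "dport": 443, "payload": b"\x16\x03\x01"},
]


def run_demo():
    return scan(load_rules(SAMPLE_RULES), SAMPLE_FLOWS)


if __name__ == "__main__":
    for sid, msg in run_demo():
        print(sid, msg)
```

Two practical details the toy keeps: the commented-out rule in the sample is skipped the way disabled ET Open rules must be, and the `$HOME_NET`/`$EXTERNAL_NET` variables have to be defined for the rules to mean anything, which is why a real deployment sets them in suricata.yaml before loading the downloaded rule file.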