Tim Brown
### Area Defensive tools ### Parent threat _No response_ ### Finding https://github.com/ancat/egrets ### Industry reference _No response_ ### Malware reference _No response_ ### Actor reference _No response_ ### Component _No...
According to my reading of https://github.com/google/re2/blob/main/doc/syntax.txt, ```((?sm).*fprintf.*fclose.*)``` should allow for multiline matches to be treated as a single line to match printf on one line, fclose on another, but this...
### Area Defensive techniques ### Parent threat Defense Evasion ### Finding https://www.forensicxlab.com/posts/inodes/ ### Industry reference _No response_ ### Malware reference _No response_ ### Actor reference _No response_ ### Component Linux...
### Area Offensive techniques ### Parent threat Defense Evasion ### Finding https://github.com/akawashiro/sloader ### Industry reference _No response_ ### Malware reference _No response_ ### Actor reference _No response_ ### Component Linux...
### Area Offensive tools ### Parent threat _No response_ ### Finding https://github.com/fireeye/SSSDKCMExtractor ### Industry reference attack:T1558:Steal or Forge Kerberos Tickets ### Malware reference _No response_ ### Actor reference _No response_...
### Area Offensive tools ### Parent threat Credential Access ### Finding https://github.com/blacklanternsecurity/KCMTicketFormatter ### Industry reference attack:T1558:Steal or Forge Kerberos Tickets ### Malware reference _No response_ ### Actor reference _No response_...
### Area Malware reports ### Parent threat _No response_ ### Finding https://www.bitdefender.com/files/News/CaseStudies/study/319/Bitdefender-PR-Whitepaper-DarkNexus-creat4349-en-EN-interactive.pdf ### Industry reference _No response_ ### Malware reference DarkNexus ### Actor reference _No response_ ### Component Linux ###...
### Area Defensive tools ### Parent threat _No response_ ### Finding https://github.com/chriskaliX/Hades ### Industry reference _No response_ ### Malware reference _No response_ ### Actor reference _No response_ ### Component Linux...