The Domain Generation Algorithm of Orchard v3 A DGA Seeded by the Bitcoin Genesis Block
July 24, 2022 The Orchard malware uses a domain generation algorithm (DGA) that is seeded both by the current date, and also by the current balance of the Bitcoin genesis block.
The Domain Generation Algorithms of SharkBot
June 4, 2022 SharkBot uses a DGA for communication, which was changed several times during the development of SharkBot. This blogpost shows four versions of the DGA, and their differences.
Full Control over HTTP Requests Headers in Python Using the requests and HTTPX library
May 11, 2022 In this blog post I’ll show how remove any header, set their order, define their capitalization and how to send duplicate headers.
Analysing TA551/Shathak Malspam With Binary Refinery
November 1, 2021 This blog post shows how the open source framework “binary refinery™” can extract the download URL of complicated TA551 malspam emails.