The Domain Generation Algorithm of Orchard v3
A DGA Seeded by the Bitcoin Genesis Block

July 24, 2022
The Orchard malware uses a domain generation algorithm (DGA) that is seeded both by the current date and by the current balance of the Bitcoin genesis block.

The Domain Generation Algorithms of SharkBot

June 4, 2022
SharkBot uses a DGA for communication, which was changed several times during the development of SharkBot. This blog post shows four versions of the DGA and their differences.

Full Control over HTTP Requests Headers in Python
Using the requests and HTTPX library

May 11, 2022
In this blog post I’ll show how to remove any header, set their order, define their capitalization and send duplicate headers.

Analysing TA551/Shathak Malspam With Binary Refinery

November 1, 2021
This blog post shows how the open source framework “binary refinery™” can extract the download URL of complicated TA551 malspam emails.