cover image for post The Domain Generation Algorithms of SharkBot

The Domain Generation Algorithms of SharkBot

June 4, 2022 SharkBot uses a DGA for communication, which was changed several times during the development of SharkBot. This blogpost shows four versions of the DGA, and their differences.

link post 'The Domain Generation Algorithms of SharkBot'
cover image for post Full Control over HTTP Requests Headers in Python

Full Control over HTTP Requests Headers in Python Using the requests and HTTPX library

May 11, 2022 In this blog post I’ll show how remove any header, set their order, define their capitalization and how to send duplicate headers.

link post 'Full Control over HTTP Requests Headers in Python'
cover image for post Analysing TA551/Shathak Malspam With Binary Refinery

Analysing TA551/Shathak Malspam With Binary Refinery

November 1, 2021 This blog post shows how the open source framework “binary refinery™” can extract the download URL of complicated TA551 malspam emails.

link post 'Analysing TA551/Shathak Malspam With Binary Refinery'
cover image for post A BazarLoader DGA that Breaks Down in the Summer

A BazarLoader DGA that Breaks Down in the Summer

August 9, 2021 Domain generation algorithms are relatively straightforward to program and usually bug free. Not so the new DGA of BazarLoader, which goes haywire during the summer months.

link post 'A BazarLoader DGA that Breaks Down in the Summer'
see all blog posts