Digital Operatives recently completed a DARPA Cyber Fast Track (CFT) contract called Process Attribution in Network Traffic (PAINT). The goal of this project was to build an easy-to-use software product capable of attributing originating and receiving Process IDs (PIDs) and Process Names to TCP/IP packets on a Windows system in real time.