prfalken.org
2001:41d0:301::31  Public Scan

URL: https://prfalken.org/
Submission: On December 28 via api from BE — Scanned from FR

Form analysis 1 forms found in the DOM

GET https://prfalken.org/

<form role="search" method="get" action="https://prfalken.org/" class="wp-block-search__button-inside wp-block-search__icon-button wp-block-search"><label class="wp-block-search__label screen-reader-text" for="wp-block-search__input-1">Search</label>
  <div class="wp-block-search__inside-wrapper "><input class="wp-block-search__input" id="wp-block-search__input-1" placeholder="" value="" type="search" name="s" required=""><button aria-label="Search"
      class="wp-block-search__button has-icon wp-element-button" type="submit"><svg class="search-icon" viewBox="0 0 24 24" width="24" height="24">
        <path d="M13 5c-3.3 0-6 2.7-6 6 0 1.4.5 2.7 1.3 3.7l-3.8 3.8 1.1 1.1 3.8-3.8c1 .8 2.3 1.3 3.7 1.3 3.3 0 6-2.7 6-6S16.3 5 13 5zm0 10.5c-2.5 0-4.5-2-4.5-4.5s2-4.5 4.5-4.5 4.5 2 4.5 4.5-2 4.5-4.5 4.5z"></path>
      </svg></button></div>
</form>

Text Content

PrFalken's Cyber Security Journey
 * About


OBSCURCISSEMENT, INJECTION ET SHELLCODE: LE HACKING SOUS L’OEIL DE L’ASSEMBLEUR
X64 – BOOK REVIEW

Review / PrFalken

This review is in French because the book only exists in French. I had seen
the announcement of this book in September 2023 via LinkedIn and had ordered it
on Amazon, telling myself I would read it later. Being stuck at home all week
because of terrible back pain, I […]





DEADSEC CTF 2024 – MIC CHECK

CTF / PrFalken

This is a small write-up of the “Mic check” challenge from DeadSec CTF 2024
(Misc Category). The difficulty was easy and it was the kind of thing that appears
often in CTF challenges. Description: mic is it ok?mic is it ok? A link is to
start a docker container and the command to connect





SANS FOR610 TRAINING & GREM – CERTIFICATION REVIEW

Malware Analysis, Review / PrFalken

SANS FOR610 Training: The full name of the FOR610 training from SANS is
“Reverse-Engineering Malware: Malware Analysis Tools and Techniques”. The goal
is to learn how to efficiently analyze malware in various forms (mainly Windows
and script files) depending on the purpose of the analysis: to
understand how a security incident started,





FROM ONENOTE TO QUAKBOT (BB12)

Malware Analysis / PrFalken

Attackers recently started to use Microsoft OneNote files to distribute malware
by email. I’ve decided to take a public sample and analyse it (thanks
@pr0xylife for sharing it!). To proceed, I’ll use my Malware Analysis Lab as
described here. I’ll start with a static analysis of the file to discover what
will be





INSTALLING A MALWARE ANALYSIS LAB

Malware Analysis / PrFalken

In order to safely analyze malware, the very first step is to set up a lab. I’ve
read multiple articles about it but I’ve decided to write my own guide compiling
all the small details that were important to me. This guide is for beginners and
I hope it can help someone starting his journey into





UNBOXING A QUAKBOT CAMPAIGN WITH MALCAT

Malware Analysis / PrFalken

I recently received a phishing email to analyze. Let’s see how to unbox all the
components and identify them using Malcat. We can notice how good this
phishing attempt is:
 * the sender was known by the recipient
 * the mail was written in correct French (quite unusual)
 * the mail contains an old discussion from 2021





MS OFFICE DOCUMENTS ANALYSIS

Miscellaneous / PrFalken

 * *.doc: MS Word Document in binary proprietary file format (Compound File
   Binary Format) used in Office < 2007
 * *.xls: MS Excel Workbook in binary proprietary file format (Compound File
   Binary Format) used in Office < 2007
 * *.docx: MS Word Document in “Microsoft Office Open XML” file format used
   since Office 2007, no macro. Zip container with





SEETF 2022 – SNIFFED TRAFFIC

CTF / PrFalken

This is a small write-up of the “Sniffed Traffic” challenge from SEETF 2022
(Forensics Category). Description: Author: Enyei. We inspected our logs and found
someone downloading a file from a machine within the same network. Can you help
find out what the contents of the file are? For beginners:
https://www.javatpoint.com/wireshark MD5: 71cd3bdbecece8d7919b586959f2d3b7
Solution: Once the capture file





PICOCTF 2022 – X-SIXTY-WHAT

CTF / PrFalken

This is a small write-up of the “x-sixty-what” challenge from picoCTF 2022
(Binary Exploitation Category). The challenge is now available in picoGym here!
Description: Overflow x64 code. Most problems before this are 32-bit x86. Now
we’ll consider 64-bit x86 which is a little different! Overflow the buffer and
change the return address to





PICOCTF 2022 – TORRENT ANALYZE

CTF / PrFalken

This is a small write-up of the “Torrent Analyze” challenge from picoCTF 2022
(Forensics Category). The challenge is now available in picoGym here!
Description: SOS, someone is torrenting on our network. One of your colleagues
has been using torrent to download some files on the company’s network. Can you
identify the file(s) that




Copyright © 2024 PrFalken's Cyber Security Journey