[SANS ISC] Using API’s to Track Attackers

I published the following diary on isc.sans.edu: “Using API’s to Track Attackers“:

For a few days, I’ve been keeping an eye on suspicious Python code posted on VT. We all know that VBA, JavaScript, PowerShell, etc. are attackers’ best friends, but Python is also a good candidate to perform malicious activities on a computer. Even if Python isn’t installed by default, it’s easy to “compile” a Python script to make it portable via a PE file. There exist multiple tools to achieve this, my favorite being ‘pyinstaller’…

Keeping an eye on suspicious Python code
