LYLC | Spear and Shield

Introducing Chromium Notification Parser
Google Chrome, Microsoft Edge and Brave Browser are based on Chromium. When websites use Push API to send the notifications to those…
1 min read · Oct 5, 2021

Introducing Chrome DownloadMetadata Parser
Google Chrome’s DownloadMetadata file appears to change the file format. It is not a SQLite database file anymore. Chrome starts recording…
1 min read · Jul 26, 2019

Qealler+QaZaqne ● Part 2
Qealler loader would run the following command to execute QaZaqne. python.exe [path]\qazaqne\main.py all According to LaZagne’s website…
3 min read · Oct 22, 2018

Qealler+QaZaqne ● Part 1
The intelligence suggested around 14th October 2018, a phishing campaign distributing a Java malicious program named…
3 min read · Oct 20, 2018

MFTParser 0.2.0
MFTParser 0.2.0 is released. This version supports the extraction of alternate data stream names and resident data. For more information…
1 min read · Jan 4, 2017

enfuse 2016
I will share how to analyse web shells at enfuse conference (formerly CEIC) on 25 May 2016 in Las Vegas. I believe this session would be…
1 min read · May 2, 2016