Category Archives: System Tools
Trouble shooting HxD hex editor hang.
Recently while working on the malware-traffic-analysis.net exercise “2016-02-06 – TRAFFIC ANALYSIS EXERCISE – NETWORK ALERTS AT CUPID’S ARROW ONLINE” I ran into a problem where when you loaded any file into the hex editor or just open it on its … Continue reading
A little more on Wireshark and Pcap time stamps
In my last post I talked about getting a unique list of User-Agent strings and as a bonus I discovered that you can travel back and forth from Wireshark to a hex editor and back using the time stamps. In … Continue reading
Wireshark , Pcap files, User-Agent strings and Malware
Recently I have been going thru the malware traffic exercises created by Brad Duncan of “malware-traffic-analysis.net”. In my last post on a exercise I started wondering about the User-Agent strings used with malware as a way to possibly narrow in … Continue reading
Converting a SID in Array of bytes to String version in VB.Net
This is a program that converts SID’s with 1 – 5 sub Authorities , from Array of bytes to the String Format In my last post I was looking for a way to convert the array of bytes , (SID: … Continue reading
Converting VB Script To VB.Net
My Last Post Titled “Event 10 Mystery Solved” (found here.), Left me with a Question about the binary version of the SID, A returned value of CreatorSID: 1,5,0,0,0,0,0,5,21,0,0,0,190,118,173,34,87,198,105,19,239,226,7,24,244,1,0,0 I started searching the net to see if anyone has posted a … Continue reading
Event 10 Mystery Solved
Using various methods I was able to back track the elusive event 10 to the source. Here is what you see when you open the event viewer on a Windows Vista system. There are A LOT of post all over … Continue reading
Account Unknown
Recently while looking at the the security tab on a file I found there was a user that was an unknown account. It wasn’t registered with the Windows Vista System. Looking around the system I found several more files, so … Continue reading
PC's Xcetra Support 