Category Archives: System Tools

Trouble shooting HxD hex editor hang.

Recently while working on the malware-traffic-analysis.net exercise “2016-02-06 – TRAFFIC ANALYSIS EXERCISE – NETWORK ALERTS AT CUPID’S ARROW ONLINE” I ran into a problem where when you loaded any file into the hex editor or just open it on its … Continue reading

Posted in Malware, System Tools, System Trouble Shooting | Comments Off on Trouble shooting HxD hex editor hang.

Wireshark and TShark Timestamps

I am currently working on the latest Malware traffic analysis exercise located here, titled “2016-01-07 – TRAFFIC ANALYSIS EXERCISE – ALERTS ON 3 DIFFERENT HOSTS”. I used the command line to run TShark with this command to extract just the … Continue reading

Posted in Networking, security, System Tools | 1 Comment

A little more on Wireshark and Pcap time stamps

In my last post I talked about getting a unique list of User-Agent strings and as a bonus I discovered that you can travel back and forth from Wireshark to a hex editor and back using the time stamps. In … Continue reading

Posted in Networking, security, System Tools | 1 Comment

Wireshark , Pcap files, User-Agent strings and Malware

Recently I have been going through the malware traffic exercises created by Brad Duncan of “malware-traffic-analysis.net”. In my last post on an exercise I started wondering about the User-Agent strings used with malware as a way to possibly narrow in … Continue reading

Posted in Malware, Networking, System Tools | 2 Comments

Converting a SID in Array of bytes to String version in VB.Net

This is a program that converts SIDs with 1 – 5 sub-authorities from an array of bytes to the string format. In my last post I was looking for a way to convert the array of bytes, (SID: … Continue reading

Posted in CodeProject, System Tools, VB.net | 1 Comment

Converting VB Script To VB.Net

My last post, titled “Event 10 Mystery Solved” (found here), left me with a question about the binary version of the SID, a returned value of CreatorSID: 1,5,0,0,0,0,0,5,21,0,0,0,190,118,173,34,87,198,105,19,239,226,7,24,244,1,0,0. I started searching the net to see if anyone has posted a … Continue reading

Posted in CodeProject, Programming Tools, System Tools, VB.net, VBScript | Comments Off on Converting VB Script To VB.Net

Event 10 Mystery Solved

Using various methods I was able to backtrack the elusive event 10 to the source. Here is what you see when you open the event viewer on a Windows Vista system. There are A LOT of posts all over … Continue reading

Posted in Computer, System Tools, System Trouble Shooting | 6 Comments