Posted on 2020-02-25 by Josiah Smith
Our CTO, Pedram Amini, and colleague Ero Carrera have open-sourced all the materials from a two-day reverse engineering class they taught over the years at BlackHat, the last instance being at BlackHat 2009 Federal. Written in LaTeX + Beamer, the course materials can be rendered in both slideshow (PDF) and article (PDF) modes. Additionally, the courseware includes malware samples and all requisite references, scripts, tools, exercises, and solutions.
Posted on 2020-02-24 by Samuel Kimmons
Samuel Kimmons is a Lead Cyber Threat Emulator/Red Teamer and Penetration Tester at the United States Air Force Computer Emergency Response Team (US-AFCERT). In his guest blog, he discusses using LoLBins (Living Off the Land Binaries) to get PowerShell without PowerShell.
Posted on 2020-01-23 by Josiah Smith
An illustrative blog discussing the Pyramid of Pain and how it relates to the Iceberg of Inspection. Deep File Inspection can uncover TTPs and other indicators to supplement prevention, detection, and threat hunting within your network.
Posted on 2020-01-22 by Adam Musciano
A heartfelt retrospective from one of the InQuest Interns detailing his experiences and contributions.
Posted on 2019-12-25 by Deandre Hall
InQuest combines Deep File Inspection (DFI) and RetroHunting™ to bring the threat hunting capabilities of VirusTotal Intelligence to your own environment. VirusTotal provides analysts with powerful tools to threat hunt against millions of files, domains, and IPs, but has the drawback of not currently offering a self-hosted option for organizations that wish to keep their data private.