fboldewin

Reverser, Malware Researcher, Threat Intelligence dude, focused on hunting APTs targeting the financial industry. Follow me on Twitter @r3c0nst

Germany

Pinned Repositories

ATM-Hacking-ISC2018
Slides from my talk at ISC 2018 in Beijing 2018
91 9 323
ATM-Jackpotting-P4WNP1-style-with-malware-XFS_DIRECT
Analysis of the XFS_DIRECT ATM malware used for jackpotting with a PI ZERO W and the P4WNP1 framework on board
140 21 131
ATMMalScan
51 7 121
COM-Code-Helper
Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code
Language:Python178 13 035
FastCashMalwareDissected
Operation Fast Cash - Hidden Cobra‘s AIX PowerPC malware dissected
25 3 011
MacGyver-s-return---An-EMV-Chip-cloning-case
Slides from my Area41 security conference talk in Zurich/CH
14 4 09
misc_malware
Language:Python37 3 04
reconstructer.org
Legacy repo of my discontinued reconstructer.org website with tools and papers from 2006 - 2013
23 4 07
YARA-rules
Some YARA rules i will add from time to time
Language:YARA62 11 021
YARA_Detection_Engineering
Detection Engineering with YARA
85 3 013

fboldewin's Repositories

fboldewin/COM-Code-Helper
Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code
Language:Python178 13 035
fboldewin/ATM-Jackpotting-P4WNP1-style-with-malware-XFS_DIRECT
Analysis of the XFS_DIRECT ATM malware used for jackpotting with a PI ZERO W and the P4WNP1 framework on board
140 21 131
fboldewin/ATM-Hacking-ISC2018
Slides from my talk at ISC 2018 in Beijing 2018
91 9 323
fboldewin/YARA_Detection_Engineering
Detection Engineering with YARA
85 3 013
fboldewin/YARA-rules
Some YARA rules i will add from time to time
Language:YARA62 11 021
fboldewin/ATMMalScan
51 7 121
fboldewin/misc_malware
Language:Python37 3 04
fboldewin/FastCashMalwareDissected
Operation Fast Cash - Hidden Cobra‘s AIX PowerPC malware dissected
25 3 011
fboldewin/reconstructer.org
Legacy repo of my discontinued reconstructer.org website with tools and papers from 2006 - 2013
23 4 07
fboldewin/MacGyver-s-return---An-EMV-Chip-cloning-case
Slides from my Area41 security conference talk in Zurich/CH
14 4 09
fboldewin/Libertad-y-gloria---A-Mexican-cyber-heist-story---CyberCrimeCon19-Singapore
Libertad y gloria - A Mexican cyber heist story - CyberCrimeCon19 Singapore
5 1 04
fboldewin/When-ransomware-hits-an-ATM-giant---The-Diebold-Nixdorf-case-dissected
When ransomware hits an ATM giant - The Diebold Nixdorf case dissected - Group-IB CyberCrimeCon2020
5 2 02
fboldewin/CAPA_RULES
My personal CAPA rules
2 3 01
fboldewin/tools
Tools I have written for malware analysis
2 2 0

fboldewin

Pinned Repositories

ATM-Hacking-ISC2018

ATM-Jackpotting-P4WNP1-style-with-malware-XFS_DIRECT

ATMMalScan

COM-Code-Helper

FastCashMalwareDissected

MacGyver-s-return---An-EMV-Chip-cloning-case

misc_malware

reconstructer.org

YARA-rules

YARA_Detection_Engineering

fboldewin's Repositories

fboldewin/COM-Code-Helper

fboldewin/ATM-Jackpotting-P4WNP1-style-with-malware-XFS_DIRECT

fboldewin/ATM-Hacking-ISC2018

fboldewin/YARA_Detection_Engineering

fboldewin/YARA-rules

fboldewin/ATMMalScan

fboldewin/misc_malware

fboldewin/FastCashMalwareDissected

fboldewin/reconstructer.org

fboldewin/MacGyver-s-return---An-EMV-Chip-cloning-case

fboldewin/Libertad-y-gloria---A-Mexican-cyber-heist-story---CyberCrimeCon19-Singapore

fboldewin/When-ransomware-hits-an-ATM-giant---The-Diebold-Nixdorf-case-dissected

fboldewin/CAPA_RULES

fboldewin/tools