From ddb659a62cc1738d478e59e279080294243ab546 Mon Sep 17 00:00:00 2001 From: mether049 Date: Sat, 28 Mar 2020 23:58:47 +0900 Subject: [PATCH] Update malware-analysis_ref_and_memo.md --- malware-analysis_ref_and_memo.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/malware-analysis_ref_and_memo.md b/malware-analysis_ref_and_memo.md index e54c065..56c7950 100644 --- a/malware-analysis_ref_and_memo.md +++ b/malware-analysis_ref_and_memo.md @@ -382,6 +382,10 @@ Injecition/Hollowingされたプロセスの自動検出
- ref: - [vbastomp.com](https://vbastomp.com/) - [Advanced VBA Macros Attack&Defence,BHEU2019](https://www.decalage.info/files/eu-19-Lagadec-Advanced-VBA-Macros-Attack-And-Defence.pdf) +- [VbsEdit](https://www.vbsedit.com/) + - vbsのデバッガ付きエディタ +- [WSH Shell](http://glsft.free.fr/) + - vbsの対話型シェルとして利用可能 - vba memo - Using WScript.Shell ```