Matt Ehrnschwender
@cybershenanigans.space
Security person who likes writing code
With everyone publishing information on every corner of the Internet, it's never easy to stay informed
November 29, 2025 at 6:32 PM
There are some rather ...interesting... opsec and design decisions in there but the core of it is that each component is split up and designed to run in a separate process using a main "orchestrator" for managing IPC. The posts above are good reads to help spark some ideas
November 29, 2025 at 6:41 AM
Three samples that come to mind are CloudWizard securelist.com/cloudwizard-..., CloudSorcerer securelist.com/cloudsorcere... and Deadglyph www.welivesecurity.com/en/eset-rese.... They more or less do this where each module is spread across multiple different processes
Analysis of the CloudWizard APT framework
Kaspersky analysis of the CloudWizard APT framework used in a campaign in the region of the Russo-Ukrainian conflict.
securelist.com
November 29, 2025 at 6:41 AM
Reposted by Matt Ehrnschwender
First: Visual Studio Code

Visual Studio Code stores its cached tabs at %APPDATA%\Code\Backups\<guid>\

The untitled temporary tabs will be found in the untitled folder, and each file contains the contents of those tabs
April 8, 2025 at 4:16 PM
Reposted by Matt Ehrnschwender
Not sexy things, but they make my day-to-day usage much better. I've seen many people bemoan Ghidra's interface. My experience with ANY tool is that things don't change unless the problem is reported to the devs. So reach out and lay out your concerns - they'll respond!
February 7, 2025 at 9:00 PM
Where do I subscribe?
January 9, 2025 at 5:54 PM