Welcome to Neehack Blogs

Category: News

  • How to disable write event using Filesystem Mini-Filter Driver ?

    A Filesystem Mini-Filter is a driver that enables you to modify Kernel event before it happens such as Create File, Write File, Open File, Delete File. This type of drivers are mostly used by Anti-Virus and Encryption tools. Code “filter.c”: “filter.inf” In summary, this driver, captures PreFileCreate and PreFileWrite events and if the write event […]

  • How to create a QDialog without blocking main thread in PyQt5?

    Say you have MainWindow in PyQt5 and as part of this app you need a custom Pop-up/Dialog box that does not block MainWindow thread. To do this, you first design your dialog box in PyQt5 Designer and save it as a UI file and then compile using pyuic5 as follows: This will result into a […]

  • Who is Neehack?

    Neehack Inc, is a company that mainly focuses on Cyber Security. Our services are considered to be the best and affordable. We are experts in building and securing using artificial intelligence. An active community in cyber security. Our free tools are used world-wide for security assessments purposes. Our commercial services includes below but are not […]

  • How does APT28/CLTNETW.exe malware work?

    Fancy Bear is a Russian cyber espionage group. Cybersecurity firm CrowdStrike has said with a medium level of confidence that it is associated with the Russian military intelligence agency GRU. This malware was first reported in 2018, and commonly have one of the following names: Malware Hashes Function Imports (Based on Python PEFile lib) A […]

  • How to differentiate Code vs Data from Op-Code?

    Suppose you have the following number of bytes, and you would like to know whether these bytes are executable code or data? Generally speaking, there is no guaranteed way to differentiate code from data. But you can follow certain conditions to identify whether these are code or data. For example, if you look at the […]