Daniel Bunce, Author at SentinelOne

Join SentinelOne at RSAC 2025, April 28-May 1 | North Hall, Booth 5863 Join us at RSAC 2025, April 28-May 1

Experiencing a Breach?
Blog
Contact

English
日本語
Deutsch
Español
Français
Italiano
Dutch
한국어

Get Started

Platform Overview
Data & AI
Endpoint Security
Cloud Security
Identity Security
- Singularity Identity Identity Threat Detection
  and Response

Why SentinelOne?

Why SentinelOne?
Compare SentinelOne
Verticals

Strategic Services
- PinnacleOne Strategic Advisory Group
Services Overview
Managed Services
Support, Deployment, & Health

Our Network
Program Overview

Resource Center
View All Resources
Blog
Blog
Tech Resources

About

About SentinelOne

English
日本語
Deutsch
Español
Français
Italiano
Dutch
한국어

Get Started

Daniel Bunce

Building A Custom Tool For Shellcode Analysis

From the Front Lines | 6 minute read

Writing Malware Traffic Decrypters For ISFB Ursnif 3 1

Writing Malware Traffic Decrypters for ISFB/Ursnif

Daniel Bunce / October 17, 2019

Daniel Bunce explains how to decrypt traffic between an attacker’s C2 and an endpoint infected with ISFB malware

Writing Malware Configuration Extractors For ISFB Ursnif 3

Writing Malware Configuration Extractors for ISFB/Ursnif

Daniel Bunce / October 10, 2019

Daniel Bunce demonstrating automated IOC extraction using a python script and an example of ISFB/Ursnif malware.

INFO STEALERS HOW MALWARE HACKS PRIVATE USER DATA 1

Info Stealers | How Malware Hacks Private User Data

Daniel Bunce / September 26, 2019

Continuing our free Zero2Hero malware reverse engineering course, Daniel Bunce dives into the details of KPot, Vidar & Raccoon Info Stealers.

Gootkit Banking Trojan Part 3 Retrieving The Final Payload 1

Gootkit Banking Trojan | Part 3: Retrieving the Final Payload

Daniel Bunce / September 5, 2019

Gootkit’s final payload contains multiple Node.js scripts. Join Daniel Bunce as he reverse engineers the malware to take a deeper look at what it delivers.

Copy Of Copy Of Gootkit Banking Trojan Deep Dive Into Anti Analysis Features 1

Security Research

Gootkit Banking Trojan | Part 2: Persistence & Other Capabilities

Daniel Bunce / August 29, 2019

Reverse engineering Gootkit reveals tricks for persistence, self-updating and a kill switch. Join us as we continue our deep dive into this banking malware

Gootkit Banking Trojan Deep Dive Into Anti Analysis Features 1

Gootkit Banking Trojan | Deep Dive into Anti-Analysis Features

Daniel Bunce / August 15, 2019

Gootkit packs plenty of Anti-Analysis features to evade sandboxes, prevent execution in a Virtual Machine, and slow down analysis. Let’s take a dive inside!

Search

Search ...

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Recent Posts

AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale
April 9, 2025
LABScon24 Replay | A Walking Red Flag (With Yellow Stars)
March 31, 2025
LABScon24 Replay | Kryptina RaaS: From Unsellable Cast-off to Enterprise Ransomware
March 26, 2025

Labs Categories

Crimeware
Security Research
Advanced Persistent Threat
Adversary
LABScon
Security & Intelligence

©2025 SentinelOne, All Rights Reserved.

Privacy Notice Master Subscription Agreement

Company

Our Customers
Why SentinelOne
Platform
About
Partners
Support
Careers
Legal & Compliance
Security & Compliance
Contact Us
Investor Relations

Resources

Blog
Labs
Product Tour
Press
News
FAQ
Resources
Ransomware Anthology

Global Headquarters

444 Castro Street
Suite 400
Mountain View, CA 94041

+1-855-868-3733

sales@sentinelone.com

Sign Up For Our Newsletter

Thank you! You will now receive our weekly newsletter with all recent blog posts. See you soon!

Language

English
日本語
Deutsch
Español
Français
Italiano
Dutch
한국어