Andrea Fortuna
  • Sep 21, 2018

    "River Flows in You" by Yiruma: my ukulele arrangement

    A lot of musicians better than me say that "River Flows in You" is a song too simple, cheesy and definitely overplayed: and actually I agree! However, the simple harmony and the repetitive structure make it perfect for a ukulele rendition… read more »
  • Sep 17, 2018

    Unix terminal, a simple cheatsheet

    Unix terminal is a powerful tool. I think that a lot of tasks (including my own forensics analysis workflows) can be accomplished more quickly in a "terminal only" environment. Here is my brief cheatsheet with useful commands and tips. Reload shell… read more »
  • Sep 14, 2018

    The Secret Of Monkey Island: my ukulele arrangement of main theme

    Recently I've looked again at an old ukulele project: the transcription of soundtracks from old video games. The list of games that I loved is pretty long, but one of them which I remember more pleasantly is "The Secret of Monkey… read more »
  • Sep 10, 2018

    Information Gathering Tools: my updated shortlist

    During the first phase of a penetration test, especially when the test is performed in blackbox mode, it is really important to gather correct information from company websites and employees' social accounts. Here is a short list of tools useful during this… read more »
  • Sep 7, 2018

    Moon River, a basic Ukulele rendition

    "Moon river, wider than a mile I'm crossing you in style some day" "Moon River" is a song composed by Henry Mancini with lyrics by Johnny Mercer, written for the film Breakfast at Tiffany's and sung by Audrey Hepburn (also an instrumental version is… read more »
  • Sep 3, 2018

    Blockchain and Cybersecurity: evolving security technologies

    What does blockchain technology have to do with cybersecurity? Blockchain technology seems to be a Columbus' egg: it may remove error and fraud, it can track ownership, manage identities and is resilient to cyber attacks. Let's take a look at… read more »
  • Aug 31, 2018

    Lágrima, by Francisco Tárrega: my Ukulele rendition

    The (unconfirmed) story goes that Francisco Tárrega composed Lágrima in 1881, while performing in London. He was depressed and homesick, and he wrote a song describing his state. The piece Lagrima is a prelude that consists of two 8-bar sections (A,… read more »
  • Aug 27, 2018

    Check your system for several "speculative execution" vulnerabilities with a single bash script

    After the first disclosure of CVEs related to speculative execution vulnerabilities (Meltdown and Spectre) on CPUs, a lot of researchers started to analyze the CPUs in order to find other vulnerabilities and possible exploit techniques. Just some days ago a… read more »
  • Aug 24, 2018

    Adelita, by Francisco Tárrega: my Ukulele rendition

    Adelita is a mazurka written by Francisco Tárrega: along with Capricho Árabe and Recuerdos de la Alhambra, it is one of his best-known works. The tempo notated by Tárrega was "Lento", however mazurkas are usually played faster. So, it is… read more »
  • Aug 20, 2018

    pycodeinjector: a simple python Code Injection library

    In my previous post "Code injection on Windows using Python: a simple example", I've explored the ctype Python library and the usage of Windows API in order to perform a code injection on 32bit systems. All tests were performed… read more »
  • Aug 13, 2018

    Vikram Sharma talks about quantum random number generators and cryptography

    How quantum physics can make encryption stronger Currently Vikram Sharma is the CEO (and founder) of QuintessenceLabs (or Q-Labs) which uses quantum technology to strengthen cryptographic key management and recently released a quantum random number generator stuffed into a PCI… read more »
  • Aug 6, 2018

    Code injection on Windows using Python: a simple example

    Recently I had to perform some comparative tests on a couple of whitelisting solutions. One of the crucial steps of the test was the proper functioning of memory monitoring feature, useful in case of process injection: in fact, when a trusted… read more »
  • Aug 1, 2018

    Diffy: an interesting DFIR tool released from Netflix's SIRT

    The Netflix Security Intelligence and Response Team (SIRT) has released (under Apache 2.0 license) a triage tool to help digital forensics and incident response teams quickly identify compromised hosts on which to focus their response. The tool, written in Python… read more »
  • Jul 30, 2018

    Malhunt: automated malware search in memory dumps

    Recently I've published this post focused on hunting malware using volatility and Yara rules. In the article I've shared the simple script which I use for downloading and merging all yara rules related to malware into a single file, useful… read more »
  • Jul 27, 2018

    Julian Bream: My Life in Music

    A 2 hour video biography of the great guitarist Julian Bream. Julian Bream needs no introduction but... Who is Julian Bream? Julian Alexander Bream, (July 15, 1933, London), is an internationally celebrated English guitarist and lutenist who inspired new interest… read more »
  • Jul 25, 2018

    Digital forensics chronicles: image identification issues on large memory dump with Volatility

    Spoiler: shame on DumpIT! Some days ago, I was busy with a forensic analysis on a Windows server. The machine was a Windows Server 2008 R2, used as webserver, with 24 GB of RAM. But during memory analysis with Volatility,… read more »
  • Jul 23, 2018

    Some thoughts about Lateral Movement techniques

    The ability to quickly and reliably detect lateral movement in the network is one of the most important skills in information security today: the lateral movement attack phase represents the biggest difference between a targeted and strategic attack and a simplistic… read more »
  • Jul 20, 2018

    Friday suggested listening: Paco De Lucia, Concierto de Aranjuez

    Joaquín Rodrigo's Concierto de Aranjuez is one of the most popular concertos of all time, one of the most original masterpieces of the 20th century. Its beautiful central Adagio has been arranged for everything, from mouth organ to brass… read more »
  • Jul 18, 2018

    TCPDUMP: a simple cheatsheet

    Having a solid grasp of tcpdump is mandatory for anyone desiring a thorough understanding of TCP/IP. What is tcpdump? Tcpdump is one of the best network analysis tools for information security professionals. tcpdump runs under the command line and allows the… read more »
  • Jul 16, 2018

    Finding malware on memory dumps using Volatility and Yara rules

    Previously I've talked a lot about Volatility, and I've also published some articles about YARA. Today I'd like to share a brief and simple workflow, useful for a first high-level analysis of memory dumps in order to search for the presence of… read more »

Cybersecurity expert, software developer, experienced digital forensic analyst, musician