-
Jun 22, 2018
It's not a mystery: a musician needs to spend time with the instrument. If you don’t practice enough, your progress will be much slower than that of a person who practices more. This leads us to the question: how long should I… read more »
-
Jun 20, 2018
Gargoyle is a memory analysis evasion technique that uses return-oriented programming (ROP) to hide all of a program’s executable code in non-executable memory when it is inactive, and temporarily marks it executable to do some work at a pre-defined interval… read more »
-
Jun 18, 2018
Impacket is a collection of Python classes, developed by Core Security, for working with network protocols, which provides low-level programmatic access to the packets and, for some protocols such as SMB1-3 and MSRPC, the protocol implementation itself. The library… read more »
-
Jun 15, 2018
When did the first hacking of a telecommunication system occur? In 1834, according to this article by Tom Standage! At that time there was no Internet or computers, but since 1794 France had its own national telecommunications network: a semaphore telegraph,… read more »
-
Jun 13, 2018
During the investigation of a security incident, event log analysis is a key element. If the affected network is managed by Active Directory, identifying compromised accounts is a critical step. For such an investigation, because it is quite difficult to conduct detailed analysis… read more »
-
Jun 11, 2018
With some useful enhanced features! Netcat is a "venerable" network tool, dubbed "the TCP/IP Swiss Army knife". It's an open source UNIX utility written in C (but also available on a great number of OSs) for performing network-related tasks, really… read more »
-
Jun 8, 2018
On 25th May 2018, the GDPR (General Data Protection Regulation) enacted by the EU came into effect. A lot of webmasters spent (and will spend) a lot of time in order to make websites compliant: a lot of checks… read more »
-
Jun 6, 2018
Dumpzilla is a Python 3 script developed to extract artifacts from Firefox, Iceweasel and Seamonkey browsers, useful during a forensic analysis. It works from the command line on Unix and 32/64-bit Windows systems. Supported artifacts: Cookies + DOM Storage (HTML… read more »
-
Jun 4, 2018
A typical NTFS filesystem contains hundreds of thousands of files. Each file has its own $MFT entry, and all $MFT entries are given a sequential address starting from zero, zero being the $MFT entry itself. Each MFT entry is addressed… read more »
-
Jun 1, 2018
A very basic fingerstyle piece composed for my guitar students: a little study inspired by a melody by Ludovico Einaudi. Another brief and simple piece composed for my beginner students, this time based on the rhythmic structure of the well-known… read more »
-
May 30, 2018
Just imagine: your small web app, which allows users to download medium-large ZIP files, due to a lucky Reddit post suddenly starts to receive a huge amount of traffic, and specifically a lot of downloads. The server is a small tier with… read more »
-
May 28, 2018
When performing the analysis of a malicious Android program directly on the device, it is often necessary to dump some network traffic. This operation is pretty simple when the device is connected to a Wi-Fi network managed by the analyst,… read more »
-
May 25, 2018
Every year, on May 25, I write a small post celebrating Towel Day, but this time there is also a further event! Towel Day is an annual tribute to the late author Douglas Adams (1952-2001): on that day, fans… read more »
-
May 23, 2018
During a forensic analysis of a Windows system, it is often critical to understand when and how a particular process has been started. In order to identify this activity, we can extract from the target system a set of artifacts… read more »
-
May 21, 2018
The malware detects virtualized environments by taking infected machines' CPU temperature. When malware infects a system, one of the next steps it performs is to gain persistence, a mandatory key to ensure the resilience of (for example) the connection… read more »
-
May 18, 2018
Alexandr Misko, 20 years old, a great percussive-fingerstyle technique and a successful career as a musician. Misko first caught the public's attention with a home-recorded video, where he plays an original guitar piece with a "pentapping" base: https://www.youtube.com/watch?v=F1V3Pt7aFnI After,… read more »
-
May 16, 2018
Abusing SUDO for fun and profit! The SUDO (Substitute User and Do) command allows users to delegate privileged resources: users can execute specific commands as other users (including root) using their own passwords instead of the other user’s, or without a password… read more »
-
May 14, 2018
Microsoft Terminal Services Remote Desktop Protocol (RDP) is a great feature that allows the interactive use or administration of a remote Windows system. However, it can also be used by an attacker, with compromised domain credentials, to move laterally across… read more »
-
May 11, 2018
I often try to propose to my guitar students both pieces from the standard course of study and small exercises based on modern and famous themes. Usually, I personally take care of the transcription and arrangement of the songs, and today… read more »
-
May 9, 2018
Let us say it frankly: TMUX is a great console tool! TMUX is a terminal multiplexer, allowing a user to access multiple separate terminal sessions inside a single terminal window or remote terminal session: like GNU Screen, but with more… read more »