-
Jun 25, 2017
In order to start a memory analysis with Volatility, the identification of the type of memory image is a mandatory step. Here some usefull commands. imageinfo For a high level summary of the memory sample you’re analyzing, use the imageinfo… read more »
-
Jun 23, 2017
In order to analyze it with Volatility Usually i use a VirtualBox sandbox in order to ‘detonate’ some malware and analyze the behavior of them. In this phase, the analysis of sandbox’s ram with Volatility is a mandatory step.But, how… read more »
-
Jun 22, 2017
The research paper by P1 Security was presented last week in a security conference in France A team of researchers from security firm P1 Security has detailed a list of flaws in the VoLTE protocol that allows an attacker to spoof… read more »
-
Jun 21, 2017
A research by Japan Computer Emergency Response Team With “lateral movement’ we identify the techniques that enable an adversary to access and control remote systems on a network: an attacker can use lateral movement for many purposes, including remote execution… read more »
-
Jun 20, 2017
Great speech by Keren Elazari from TED.com Keren Elazari is an internationally recognized researcher, author and speaker on all matters cyber security and hacker culture. Since 2000, Keren has worked with leading security firms, public organizations, Big 4 and Fortune 500… read more »
-
Jun 19, 2017
Simple, with 5 commands! Finally, Debian 9 “Stretch” was released in the “stable” branch! A lot of upgrades, especially in kernel, glibc and other base packages. Some info from the official wiki (also see the official stretch release notes.): New… read more »
-
Jun 16, 2017
Automated acquisition of data from thousands of hosts with Powershell! Kansa is a powershell framework designed by Dave Hull to support massive data collections. It permits to easily scaling to thousands of systems via powershell remoting, but is not confined… read more »
-
Jun 15, 2017
Useful in forensics analysis and incident response During the analysis phase, after (for example) a system compromization, is very important to know the standard Windows processes, in order to have a ‘baseline’ useful to make a ‘diff’ with the compromised system.… read more »
-
Jun 14, 2017
A custom user.js configuration file designed to make your Firefox more secure A user.js file is an alternative method of modifying Firefox’s preferences: it can make certain preference settings more or less “permanent” in a specific profile, and is also a… read more »
-
Jun 12, 2017
A python script that search and download exploit from Vulners Database getsploit is a command line search and download tool for Vulners Database. It was inspired by searchsploit, the tool used for search and download from https://www.exploit-db.com. It allows you to… read more »
-
Jun 9, 2017
A really interesting series of articles on SANS Digital Forensics Blog On 2010, Hal Pomeranz has started on SANS Digital Forensics blog a series of technical articles about EXT4 filesystem. What is EXT4? EXT4 is a journaling file system for Linux,… read more »
-
Jun 8, 2017
After all, the BSOD is also a useful feature! The researchers of security firm Kryptos Logic has performed an extensive analysis of well known WannaCry ransomware. One of the findings is really interesting (and funny!): WannaCry can infect machines that still… read more »
-
Jun 7, 2017
Pretty simple, with a node.js application Have I Been Pwned? is a website created by security expert Troy Hunt, that allows internet users to check if their personal data has been compromised by data breaches. The site collects and analyzes… read more »
-
Jun 6, 2017
It’s important to have the right tools to analyze suspect documents! Currently, the main malware infection vehicle remains the classic malicious document attached to an email. So it is very important to have the right tools to analyze suspect documents.… read more »
-
Jun 5, 2017
Block ads directly from the hosts file Browser extensions for Ads blocking usually works well, but in some cases they use a lot of memory and CPU, especially with really complex web pages. A really god solution for ads blocking, with… read more »
-
Jun 1, 2017
Google hacking for fun and profit In 2002, Johnny Long began to collect interesting Google search queries that uncovers vulnerable systems or sensitive information, and calls them “Google dorks”. We identify with “Google Dorking” the method for finding vulnerable targets using… read more »
-
May 30, 2017
…in a free collaborative book! linux-insides is a online project developed by 0xAX focused on the making of a book about the linux kernel and its insides: The goal is simple — to share my modest knowledge about the insides of the… read more »
-
May 29, 2017
..it’s Monday and I don’t want to write anything! It’s true, I didn’t prepare any articles on the weekend, however by accident I saw this nice strip on CommitStrip and… http://www.commitstrip.com/en/2017/02/28/definitely-not-lazy/ (Seriously, how many times did he do this?) [embed]http://www.commitstrip.com/en/2017/02/28/definitely-not-lazy/[/embed]… read more »
-
May 26, 2017
This vulnerability could lead to the next WannaCry? A serious vulnerability in Samba could leave unpatched machines open to an attack similar to WannaCry. The vulnerability has been assigned the CVE-2017–7494 and is described as a remote code execution from… read more »
-
May 25, 2017
“ So, carry a towel and…DON’T PANIC!” Towel Day is an annual tribute to the author Douglas Adams. It’s celebrated every year on 25 May: on this day, fans openly carry a towel with them, as described in Adams’ The… read more »