Recover corrupt KeepNote filestructure
<update>Further investigation has shown that data has been restored, but the tree structure isn’t perfect. Use at own risk</update> Anyone who’s taken Offensive Security training should be...

AVG & FUD?
Like most techies I get the job of fixing and maintaining relatives’ PCs. As part of this after fixing whatever is broken I have some common clean-up and install routines that I go through to both help...

Starting with Artillery
On Friday I arrived home looking forward to a well-earned rest; unfortunately Dave Kennedy seemed to have other ideas for my weekend as he announced the alpha release of a new honeypot, Artillery....

Book Review: Zero day
Written by Microsoft’s Mark Russinovich, Zero Day focuses on the actions of a security consultant who starts a job for a client whose systems have been infected with unknown malware and taken out of...

Book Review: Kingpin
Written by journalist Kevin Poulsen (of wired.com’s Threat Level blog), Kingpin spans the hacking, cracking and carding underworld spread over several decades. The narrative covers the life and...

Cuckoo Sandbox 101
It’s a while since I’ve found time to add a new tool to my malware environment, so when an ISC post highlighted a new update to Cuckoo sandbox it served as a good reminder that I hadn’t got around to...

HoneyD network architecture
I was recently asked about the network configuration I use for my honeyd sensor. I had thought I’d already written about this so initially went to find the article on honeyd configuration; but my...

Pipal password analysis of Kippo password useage
Pipal is a tool for quickly and easily analysing password trends across many passwords, created by @digininja and @n00bz. Install (such as it is) is a straightforward affair; download, unpack, run....

echo “fat”| sed s/a/i
More of a personal post this time; the post title(*) is about as geeky as it gets, if you’re only here for the tech then you may want to skip this one. I’m a geek (no surprises there), and thanks to too...

ms12-020 mitigations
This week has been an interesting one for followers of the info-sec arena. On Tuesday Microsoft released a patch and security bulletin for MS12-020 for a critical flaw in remote desktop protocol,...

New Download Sources
I’ve been meaning to tidy up some of my older scripts for some time, and as a colleague recently pointed me in the direction of BitBucket for free hosting of source code repositories this gave me...

Online Bank Cards
The reaction most people have when you point out people are naive enough to post pictures of credit and debit cards online is to laugh, surely no one could be that unaware of the risks. But the fact is...

Stupidity, begets stupidity – and no security
I realised whilst at work today that my credit card wasn’t in my wallet, after hoping against hope that it would be in yesterday’s trouser pocket when I got home I had to accept that it was lost. Far...

Ranting at the youth
Since graduating back in 2006 I’ve been honoured by Northumbria University by being asked to return and speak with their students with the hindsight of having spent time out in industry, I covered my...

Tales from the Honeypot: Bitcoin miner
My Kippo farm has been largely retired as most of the captured sessions were becoming stale and ‘samey’. Thankfully however, I’ve still been getting daily reports thanks to this script (now available...

Google Glass: New threat or business as usual?
Woke this morning to find several articles covering the release of a short script designed to locate and ultimately block wearers of Google Glass from accessing a wireless network. This was apparently...

Sanitising WSA export dates
As AV solutions go, Webroot’s Secure Anywhere (WSA) does a decent enough job of protecting against known and unknown threats; but I’ve always had disagreements with the administrative web interface for...