Collaborate Disseminate
In the packet capture framework Moloch, there are a large variety of keywords you can use to grep through packets, such as http.uri. An http.uri query would look something like this:http.uri == “misc.php?v=4112&js=js” That’s a powerful tool, but wh… Continue reading Using Wildcards To Change the Functionality of Search
Did you forget the PostgresSQLcredentials to start msfrpcd in your Metasploit instance? There’s a quick way to recover that username and password. Open up msfconsole, and run the command “load msgrpc”. You’ll get output like this:msf > load msg… Continue reading msfrpcd
The SANS Storm Center did a diary article on PacketTotal, which you can find here. PacketTotal is a (free) site where you upload a pcap (up to 50 Mb) and the site will analyze it and give you an console view that includes malicious or suspicious a… Continue reading PacketTotal
There is no shortage of security vendors. There is not a shortage of good security tools. Whatever tool you need, there are probably a dozen companies that have a tool that fits your need. Automation is necessary, given the huge amount of alerts, logs … Continue reading Fixing the Nations CyberSecurity Professionals Shortage Problem
DerbyCon was fantastic again this year, with talks from some of the best and brightest in NetSec. If you’re not familiar with it, it’s been held each year in September in Louisville, Kentucky since 2011. Admission to the conference (3 days) is only $17… Continue reading DerbyCon
Here is my opinion on FPC. Full packet capture can be an intrusion analyst’s best friend. Consider this example: You receive an alert that an internal device accessed a piece of JavaScript on some web site and the rule says there was an object use… Continue reading FPC
Got a topic you’ve become very knowledgeable about and would like to share your expertise? Want to add to the cumulative knowledge base of InfoSec/NetSec? You can write and upload your paper(s) to infosecwriters.com, and if it meets their criteria for … Continue reading Infosec Writers
The SANS Pen Test group has a poster they hand out at SANS conferences and put in mailings that has an awesome mind map of hacking challenge/skills sites.Won’t be going to conference soon or not on the mailing list? No worries, the poster can be downlo… Continue reading Great List of Hack Sites
The SANS Pen Test group has a poster they hand out at SANS conferences and put in mailings that has an awesome mind map of hacking challenge/skills sites.Won’t be going to conference soon or not on the mailing list? No worries, the poster can be downlo… Continue reading Great List of Hack Sites