Splunk BOTSv3 Install and Configuration

Introduction: Splunk Boss of the SOC (BOTS) is an awesome capture the flag event that I have had the privilege of attending. Splunk have now released everything required to run your own BOTS v3.0; more information can be found here: https://www.splunk.com/en_us/blog/security/botsv3-dataset-released.html. Splunk have open-sourced everything required to run a Splunk BOTS v3.0 event including the…

Handy Windows Shortcuts / Commands

This page is intended to be updated as and when we come across handy Windows commands useful for general Windows usage.

Create a Shutdown Shortcut

Create a new shortcut. Enter the following for the location: %windir%\system32\Shutdown.exe -s -t 00
Set the name to Shutdown, click Finish. Change the icon, otherwise, it will use the icon reserved…

Operational Security (OPSEC) for The Cyber Intel Analyst

All too often I have seen basic operational security practices not being adhered to by analysts when performing their analysis. This article is aimed at the Cyber Security Professional and is designed to provide guidance on general dos and don'ts when conducting intrusion analysis. This is by no means an exhaustive list but will hopefully…

Setting up Lookyloo

If you're looking for an alternative to public URL scanners like urlscan.io or rescan.pro, then you've come to the right place. Hosting your own tool allows you to keep a personal record of the URLs you've scanned, keep the results from the scans for as long as you need, and by using a cloud Virtual…

Setting Up PasteHunter Part 2 – Email Alerts & Moving to the Cloud

Please read How to Setup PasteHunter in VirtualBox before using this guide. So you may have noticed in the "settings.json" file that PasteHunter supports SMTP output. This is ideal for being alerted to certain Yara Rule hits, or even custom rules that you've created yourself as they appear. Depending on what SMTP server you want…

How to setup PasteHunter in a VirtualBox

I've been using this tool for a couple of weeks now and I've been amazed at the stuff I've found on Pastebin, even just using the default rules that come with the application. The tool, as the title suggests, is called "PasteHunter" - https://github.com/kevthehermit/PasteHunter The author of the tool describes it as: "PasteHunter is…