I’ve recently been involved in a couple of discussions about different ways of identifying malware. One of the possibilities that has been brought up a couple of times is fuzzy hashing, intended to locate files based on their similarity to known files.
Category archives: Tool-Kit
Rise of explo.it database
The team from Offensive Security have just announced the opening of explo.it (it redirects to exploits.offensive-security.com, but is more memorable). The site is designed as a successor to milw0rm. If you’ve ever browsed the milw0rm site, the layout will be instantly familiar. I think this is great news for the infosec community; not only does the OffSec […]
Article Review: Carving malware from memory
I’ve recently had the pleasure of talking with Leon van der Eijk which resulted in me getting the opportunity to review an article he had been working on. The focus of the article is to identify and collect malware samples from running processes within volatile memory. Given my predilection for malware collection and analysis Leon […]
mimic-nepstats.py
As I discussed in my last post about Dionaea, I am really impressed with the improvements to logging capabilities over Nepenthes. I’ve now had a Dionaea system online for ~24 hours, which, while it isn’t enough data to draw any meaningful statistics from, has provided enough data to work on some new tools. I had been […]
Vyatta: First Impressions
I’ve known about Vyatta for a while, but whilst the premise has always seemed appealing I’ve not had a reason to dig deeper. Vyatta proposes to be ‘The open source alternative to Cisco’, which appeals as a nice fit for a low-cost training and development lab, so tonight I decided to take a closer look.
AV killing with powershell
A colleague recently introduced me to scripting with PowerShell. After seeing a couple of examples of its strength for handling legitimate administration tasks, my devious side came into play and I started imagining havoc in my head.
Screen Capture and Editing
As part of an upcoming project I’ve been playing with some screen capture and editing software. As I’ve never been one for the graphical/fluffy side of IT it’s a new area for me, and I was shocked at how simple it can be. For screen capture I used the free CamStudio application; at first […]
War-walking case
I’ve just completed work on a project I’ve had in mind for a while now: a war-walking case. As you can probably guess, it involves fitting a war-driving rig (car excluded) inside a carryable case. As I had one going spare, I started off with a fairly standard CD carry case: Bit of fun with […]
Thank you Cisco
Cool gadget pen compliments of Cisco Systems!
Kon Boot
I’m running behind the curve on this one, but several of my usual sources have suggested Kon-Boot as a useful addition to any security toolkit. The premise of Kon-Boot is simple: by modifying the system kernel (Windows or Linux) upon boot, there is no need to know the user’s password to access the system. Kon-Boot […]