I’ve recently been involved in a couple of discussions for different ways for identifying malware. One of the possibilities that has been brought up a couple of times is fuzzy hashing, intended to locate files based on similarities to known files.
The team from Offensive Security have just announced the opening of explo.it (re-directs to exploits.offensive-security.com, just more memorable). The site is designed as a successor to milw0rm. If you’ve ever browsed the milw0rm site the layout will be instantly familiar. I think this is great news for the infosec community, not only does the OffSec […]
I’ve recently had the pleasure of talking with Leon van der Eijk which resulted in me getting the opportunity to review an article he had been working on. The focus of the article is to identify and collect malware samples from running processes within volatile memory. Given my predilection for malware collection and analysis Leon […]
As I discussed in my last post about Dionaea I am really impressed with the improvements to logging capabilities over Nepenthes. I’ve now had a Dionaea system online for ~24hours, which while it isn’t enough data to draw any meaningful statistics, it has provided enough data to work on some new tools. I had been […]
I’ve known about Vyatta for a while, but whilst the premise has always seemed appealing I’ve not had a reason to dig deeper. Vyatta propose to be ‘The open source alternative to Cisco’, which appeals as a nice fit into a low-cost training and development lab so tonight I decided to take a closer look.
A colleague recently introduced me to scripting with Powershell. After seeing a couple of examples of it’s strength for handling legitimate administration tasks my devious side came into play and I started imaging havok in my head.
As part of an upcoming project I’ve been playing with some screen capture and editing software. As I’ve never been one for for the graphical/fluffy side of IT it’s a new area for me, and I was shocked with how simple it can be. For screen capture I used the free CamStudio application, at first […]
I’ve just complete work on a project I’ve had in mind for a while now, a warwalking case. As you can probably guess it involves fitting a war-drive rig (car excluded) inside a carryable case. As I had one going spare I started off with a fairly standard CD carry case: Bit of fun with […]
Cool gadget pen compliments of Cisco Systems!
I’m running behind the curve on this one, but after several of my usual sources suggesting KonBoot as a useful addition to any security toolkit. The premise of Kon-Boot is simple, by modifying the system kernel (Windows or Linux) upon boot there is no need to know the users password to access the system. Kon-Boot […]