The old (and free) FTI Imager command line tool still is one of my favourite RAW to/from EWF (E01) conversion tool in MacOS. Most tutorials point to ewf-tools, but in case of problems, the good ol’ ftkimager can come to the rescue.
First we demote a “production / retail fused” iPhone by applying “checkm8”, then the Bonobo JTAG cable is setup, allowing us to have a look live into the boot code execution.
PowerShell script that adds a rule to the Firewall of a Windows VM blocking all traffic to the local network, except the gateway which makes it possible to still access the Internet.
As I like to visualy see on what VM I’m working right now, I created a few simple desktop backgrounds.…
Kali 2 is a great improvement to the first version. However, the Kali 2 VM sometimes feels slow, the graphic outputs lags as does the terminal window. Let’s address this issue with the LXDE desktop manager.
The cURL tool supports HTTP/2 in it’s current version 7.47, of 27th of January 2016. This version is however not yet distributed in Debian or Kali packages so one must take this matter into its own hands…
The Putty tool suite comes with a quite handy tool named “puttygen”. The tool can be used to create a…
IntelMQ is a solution for CERTs for collecting and processing security feeds, pastebins, tweets using a message queue protocol. It’s a community driven initiative called IHAP (Incident Handling Automation Project) which was conceptually designed by European CERTs during several InfoSec events. Its main goal is to give to incident responders an easy way to collect and process threat intelligence thus improving the incident handling processes of CERTs.
Using SSL (actually TSL), to log into the WordPress administration zone is nearly a must these days, and it is…
Let’s discuss some things around setting up (START)TLS support for a Postfix mail server. Once done, let’s trouble shoot the installation since configuring this things never go right at the first try :)
This article takes discusses a particular vulnerability allowing an attacker to bypass web server rate limits. Instead of the attacker sending one query with a one password, the script sends one query with 500 passwords via xmlrpc API. There are various ways to prevent this from happen. Let’s see how…
The EU Bookshop contains thousands of papers published by the European Institutions, in all possible domains. Some of these documents are about information security and they are quite interesting.
We, the DEVOXX 2015 Security track team, want to increase security awareness among software and hardware developers. We want to make this year’s track about understanding how to break things, and knowing that this understanding allows developers to design and build more secure systems. Security has to be by design, not by feature, use case or layer. In this spirit, we would like to invite you to submit talks around the subjects on how to stress security of software projects and on how to deal with these aspects as a developer and architect. Any submission of topic ideas is very welcome too.
By continuing to use the site, you agree to the use of cookies. more information
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.