Compile The Sleuth Kit on Linux
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. On Linux, it’s quite easily compiled directly from source.
Category: Security and DFIR
MacOS – RAW to/from EWF Image Conversion
The old (and free) FTI Imager command line tool still is one of my favourite RAW to/from EWF (E01) conversion tool in MacOS. Most tutorials point to ewf-tools, but in case of problems, the good ol’ ftkimager can come to the rescue.
iPhone, JTAG and Bonobo
First we demote a “production / retail fused” iPhone by applying “checkm8”, then the Bonobo JTAG cable is setup, allowing us to have a look live into the boot code execution.
Isolate VM from LAN, allowing WAN
PowerShell script that adds a rule to the Firewall of a Windows VM blocking all traffic to the local network, except the gateway which makes it possible to still access the Internet.
REMnux / SIFT Desktop Backgrounds
As I like to visualy see on what VM I’m working right now, I created a few simple desktop backgrounds.…
Formula One again – LXDE and Kali 2
Kali 2 is a great improvement to the first version. However, the Kali 2 VM sometimes feels slow, the graphic outputs lags as does the terminal window. Let’s address this issue with the LXDE desktop manager.
Compiling cURL with HTTP/2 support on Kali Linux 2
The cURL tool supports HTTP/2 in it’s current version 7.47, of 27th of January 2016. This version is however not yet distributed in Debian or Kali packages so one must take this matter into its own hands…
Create and Convert Key Files with Putty
The Putty tool suite comes with a quite handy tool named “puttygen”. The tool can be used to create a…
IntelMQ
IntelMQ is a solution for CERTs for collecting and processing security feeds, pastebins, tweets using a message queue protocol. It’s a community driven initiative called IHAP (Incident Handling Automation Project) which was conceptually designed by European CERTs during several InfoSec events. Its main goal is to give to incident responders an easy way to collect and process threat intelligence thus improving the incident handling processes of CERTs.
WordPress Administration Login forced to SSL
Using SSL (actually TSL), to log into the WordPress administration zone is nearly a must these days, and it is…
Postfix TLS Configuration
Let’s discuss some things around setting up (START)TLS support for a Postfix mail server. Once done, let’s trouble shoot the installation since configuring this things never go right at the first try :)
WordPress 4.3.1 – Protecting the RPC interface against brute forcing bypassing request rate limits
This article takes discusses a particular vulnerability allowing an attacker to bypass web server rate limits. Instead of the attacker sending one query with a one password, the script sends one query with 500 passwords via xmlrpc API. There are various ways to prevent this from happen. Let’s see how…
Computer Security White Papers available in the European Institutions bookshop
The EU Bookshop contains thousands of papers published by the European Institutions, in all possible domains. Some of these documents are about information security and they are quite interesting.
DEVOXX on Security
We, the DEVOXX 2015 Security track team, want to increase security awareness among software and hardware developers. We want to make this year’s track about understanding how to break things, and knowing that this understanding allows developers to design and build more secure systems. Security has to be by design, not by feature, use case or layer. In this spirit, we would like to invite you to submit talks around the subjects on how to stress security of software projects and on how to deal with these aspects as a developer and architect. Any submission of topic ideas is very welcome too.