Information Security Daily News

| | security bloggers network
While a co-worker basks in sunny Hawaii, I've taken over his task of sending out a short email with information security news. Never one to waste keystrokes, thought I'd post the briefings here as well.

Information Security News for January 25, 2018

ADOBE PATCHES FLASH PLAYER, 56 BUGS IN READER AND ACROBAT
https://threatpost.com/adobe-patches-flash-player-56-bugs-in-reader-and-acrobat/128876/

INTEL ... Read More

Transitioning from Blue Team to Red Team

| | security bloggers network
I moved from Desktop Supervisor to Network Security in 2000. I did Blue Team for two companies from 2000 until early this year. At that point I was given an opportunity to move to Red Team as the company's in-house penetration tester. Starting in a new discipline in Network Security ... Read More

Making a simple network traffic graph with tshark and afterglow

Outputting a pcap file to CSV format for use with afterglow.pl and neato (Graphviz) to create a graph.

To make a simple source and destination graph:

First make the capture file using tcpdump:

tcpdump -nn -i -q

Then use tshark to extract the source and destination IP address and output to a comma separated ... Read More

DerbyCon 7 videos

Full list of DerbyCon 7 videos of presentations here: http://www.irongeek.com/i.php?page=videos/derbycon7/mainlist ... Read More

Cyber Chef

Nice site at https://gchq.github.io/CyberChef/ - Allows you to do all sorts of conversions of data format, generate encoding and encryption, parse network data, extract strings, IPs, email addresses, etc., analyze hashes and a lot more ... Read More

DerbyCon 7 Live Stream

If you weren't fortunate to get a ticket to DerbyCon this year, the conference will once again be live streaming talks. More information will be available closer to the conference at www.derbycon.com. But did you know every talk (almost) is also available for viewing after the conference is over? You can ... Read More

Simple Username Harvesting (from SANS SEC542)

Go to a web site that requires a login. Put in any username with any password. Did the page come back with both the User and Password fields blank? Now put YOUR username in, but with some password you make up. Does the form come back with your username in ... Read More

Using Wildcards To Change the Functionality of Search

| | http, moloch, search fields, uri
In the packet capture framework Moloch, there are a large variety of keywords you can use to grep through packets, such as http.uri. An http.uri query would look something like this:

http.uri == "misc.php?v=4112&js=js"

That's a powerful tool, but what if you wanted to just see all packets with a URI ... Read More

msfrpcd

Did you forget the PostgreSQL credentials to start msfrpcd in your Metasploit instance? There's a quick way to recover that username and password. Open up msfconsole, and run the command "load msgrpc". You'll get output like this:

msf > load msgrpc
[*] MSGRPC Service: 127.0.0.1:55552
[*] MSGRPC Username: msf
[*] MSGRPC Password: aKCU4AgT
[*] Successfully loaded ... Read More

PacketTotal

| | analysis, packettotal, pcap, SANS, storm center
The SANS Storm Center did a diary article on PacketTotal, which you can find here. PacketTotal is a (free) site where you upload a pcap (up to 50 Mb) and the site will analyze it and give you a console view that includes malicious or suspicious activity as well as ... Read More