Hack The Box [HTB] Review
At the time of this writing, I’m a bit on the fence with HackTheBox.com. On one hand they offer VMs, training and certifications for a very decent price. On the other hand, I found the support to be lacking, the lessons to be wrong in various instructions and it left me frustrated at times. Pricing…
Hack The Box: Issues with Net Cat
Going through some material at Hack the Box (HTB), I came across various lessons that I couldn’t get past. I’m not fluent in NetCat, and it comes in many different variations, so I got stumped with the content of the course. The course content details setting up a listener using NetCat. The methodology, however, isn’t…
ParrotOS: Fix Sherlock
The existing version of ParrotOS has a bug with the social media lookup app, Sherlock. Specifically, Sherlock has a bug where the version installed on ParrotOS won’t run (0.14.0). It requests you upgrade to 0.14.3. This upgrade can’t be done through apt, as ParrotOS will only pull down 0.14.0. To fix this, we need to download…
ElastAlert2 To Process ELK Notifications
Yelp created a repository to aid in the processing of notifications via ELK logs. This repo went dormant, but another fork of it, ElastAlert2, has replaced it. For me, this is personally an amazing application. I can get notifications without having to buy into a commercial license. Setup. Source: https://elastalert2.readthedocs.io/en/latest/running_elastalert.html#as-a-python-package It requires Python 3.11+. If…
ELK: Creating a HTTP Status Code Graph
Having a graph showing HTTP status codes over time is incredibly useful. A stacked bar graph can show an increase or decrease in one status code (such as 500 level), providing extreme usefulness at a glance. Consider the graph depicted at the top of this article. We’re going to make that, but we’ll need access to…
Elastic’s Pricing Problem
I really love Elastic and their product lineup. They have some amazing options, and the fact you can get started for FREE is a very strong plus. As a SIEM, the ELK stack (Elastic, Logstash, Kibana) is snappy, responsive, and consistent. Once I set up the index rotation I never have a problem with stability. But…
Obsidian Notes
I am a consummate note taker. For me, my blogs are themselves giant notebooks. When I take notes I’ve used tools like EverNote and, more recently, Obsidian. Obsidian is a light-weight note-taking application that can interweave your notes together, creating relationships between notes. It all starts with the vault. A vault is a central…
OSINT Toolkit
Developer dev-lu has created a web application called the “OSINT Toolkit.” While I feel the name is a mismatch to its functionality, this is still a very useful little application. With a tiny modification in the docker-compose.yml, it can be stood up on a server and used to investigate potential threats. It’s also very light-weight.…
Elastic: Managing Memory
When I first stood up ELK on my home server, and later at the office on a VM, the impact of memory didn’t dawn on me. While my work situation needed more memory for more processing, my home environment was getting pummeled by the 50% memory consumption. According to Elastic documentation, their use of…
Using WayBack Machine to Gain Access
Many years ago, a project called “The Way Back Machine” (archive.org) was started. It was a simple concept: act as a search engine by indexing internet content, but do it by a timeline. This way, archive.org can show us what a website looked like 3 years ago, 5 years ago, 10 years ago and so…