Using WayBack Machine to Gain Access
Many years ago, a project called “The Way Back Machine” (archive.org) was started. It was a simple concept: act as a search engine by indexing internet content, but do it by a timeline. This way, archive.org can show us what a website looked like 3 years ago, 5 years ago, 10 years ago and so ...

Hunchly: OSINT Capturing Utility
Let me tell you about my favorite little browser extension: Hunchly. Hunchly is an extension that works in Chromium-based browsers (Brave, Chrome, Chromium). Once added, you use the desktop app to set up a new case. Then in the browser extension, you pick the case you want to capture to. Once set, the browser extension ...

OSINT: Sofia’s Exercise #3
In this exercise, Sr. Analyst Sofia Santos asks us to name and give the location of an image. The image in question is one of two people (they look like people of importance) shaking hands. We’re even given the headline for the photo, “Somalia President makes first International State visit to Turkey.” Reference to Sofia Santos’ Exercise ...

OpenCTI: A Brief Intro
Another security tool I recently came across is OpenCTI. OpenCTI is a Cyber Threat Intelligence platform. What that means is that it crowdsources data from various partners and visualizes the dynamically changing relationships of these security events. Your own data can be pulled in as well, to find interconnections with data reported from a variety ...

Maltego: A Brief Intro
I had no idea of the scope of power that Maltego brought to OSINT (open source intelligence) until recently. If you’re unfamiliar with the term OSINT, it is a process of passive data collection and analysis. Without using any active scans or intrusions, data is collected instead from the public sector. “Couldn’t I just google it,” ...

OSINT: Sofia’s Exercise 6
A very impressive Sr. OSINT analyst/investigator is Sofia Santos. She posts videos on YouTube about discovering the truth about image and video data. She also manages a blog that has (among other things) OSINT exercises. Some, well most, of her exercises are very challenging. However, exercise #006 is tagged as “easy.” Check it out below, and ...

ELK ILM
ELK uses a watermark: when disk space reaches X% (90% I believe), it stops performing and shuts down services. For this reason it’s important to have a good sense of data maintenance. How long do you need your data? 5 days? 7 days? 30 days? How much disk space do you have available to you? ...

ELK Migration Woes: PUT values without Kibana
I’ve been upgrading my home ELK stack from 7.17.* to 8.7.*. In the process I got to a state where elasticsearch was running, filebeat was running, but Kibana was failing. Doing a systemctl status kibana reported something about cluster.routing.allocation.enable needing to be set to 'All'. Looking this up got me to this ElasticSearch ...

Easier Ways to install GVM (OpenVAS)
Early in the year a leader in the DevOps team at my job asked me if I wouldn’t mind taking on a project in my free time. The project was to install GVM (formerly known as OpenVAS) on a VM, which would target key systems for security audits. Our goal was also to set up an ...

QA Lab Monitoring with ELK
I got into the ELK (Elasticsearch, Logstash, Kibana) stack when I started working with an IDS called Suricata. I needed a front end to discern the data events happening on the network and ELK was a natural fit for Suricata. ELK provides a way of shipping and analyzing data from various sources. Data events ...
Recent Posts
- Customized Visualizations in Kibana (Calendar)

- Wazuh: When things go wrong
- CSRF Exploitation
- ZAP and its terrifying problems
- Getting Data on Usernames
Tags
App Archive.org CSRF dashboard EDR elasticsearch elk email Exercise EXIF filebeat GHunt Google Earth gvm IDS kibana logic Maltego OpenCTI openvas OSINT owasp philosophy Reporting Reverse Image Search scanner suricata Wazuh ZAP