I published the following diary on isc.sans.edu: “How Safe Are Your Docker Images?“: Today, I don’t know any organization that is not using Docker today. For only test and development only or to full production systems, containers are deployed everywhere! In the same way, most popular tools today have a
[SANS ISC] DSSuite – A Docker Container with Didier’s Tools
I published the following diary on isc.sans.edu: “DSSuite – A Docker Container with Didier’s Tools“: If you follow us and read our daily diaries, you probably already know some famous tools developed by Didier (like oledump.py, translate.py and many more). Didier is using them all the time to analyze malicious
“TorWitness” Docker Container: Automated (Tor) Websites Screenshots
The idea of this Docker container came after reading the excellent Micah Hoffman’s blog post:Â Dark Web Report + TorGhost + EyeWitness == Goodness. Like Micah, I’m also receiving a daily file with new websites discovered on the (dark|deep) web (name it as you prefer). This service is provided by @hunchly
[SANS ISC] The easy way to analyze huge amounts of PCAP data
I published the following diary on isc.sans.org: “The easy way to analyze huge amounts of PCAP data“. When you are investigating aÂ security incident, there are chances that, at a certain point, you will have to dive into network traffic analysis. If youâ€™re lucky, youâ€™ll have access to a network capture.
[SANS ISC Diary] Docker Containers Logging
I published the following diary was published on isc.sans.org: Docker Containers Logging.
Running MISP in a Docker Container
MISP (“Malware Information Sharing Platform“) is a free softwareÂ which was initially created by the Belgian Defence to exchange IOC’s with partners like the NCIRC (NATO). Today it became an independent project and is mainly developed by a group of motivated people. MISP is mainly used by CERT’s (“Computer Emergency Response
Incident Handling with Docker Containers
Honestly, I never really played with DockerÂ but…Â For a few weeks, I succumbed to the temptation of playing withÂ Docker thanks to a friend who’s putting everything in docker containers. If you still don’t know Docker, here is a very brief introduction: Docker lets you run applications in a “container“. In this