/dev/random

"If the enemy leaves a door open, you must rush in." – Sun Tzu

Tag: NetFlow

SANS ISC

[SANS ISC] “OG” Tools Remain Valuable

October 10, 2018 Incident Management, SANS Internet Storm Center, Security

I published the following diary on isc.sans.edu: “‘OG’ Tools Remain Valuable”: For vendors, the cybersecurity landscape is a nice place to make a very lucrative business. New solutions and tools are released every day and promise to easily detect malicious activities on your networks. And it’s a recurring story.

Copyright Xavier Mertens © 2003-2019 | Powered by Xavier Mertens Consulting.