I published the following diary on isc.sans.edu: “DSSuite – A Docker Container with Didier’s Tools“: If you follow us and read our daily diaries, you probably already know some famous tools developed by Didier (like oledump.py, translate.py and many more). Didier is using them all the time to analyze malicious
In January, I developed a tool to sniff Wi-Fi SSIDs. I decided to call it ‘hoover‘ (based on the vacuum cleaner brand). The original post is here. I’m often running this tool in my area to detect the presence of some people in the neighborhood or when I’m staying at hotels.
We (and I’m fully part of it) deploy and use plenty of security monitoring tools daily. As our beloved data is often spread across complex infrastructures or simply across multiple physical locations, we have to collect interesting information and bring them in a central place for further analysis. That’s called
After some wrap-ups, let’s come back with a more practical blog post. I like to keep a good balance between hands-on and wrap-ups or theoretical articles. Today, it’s almost impossible to implement a good security without buying some commercial tools. At least, you have a corporate firewall provided by a
The idea of this article popped in my mind after a colleague of mine asked me to investigate a security incident. Nothing brand new, a customer’s server not properly patched and secured was pwned. I found that the server was hit by the JBoss worm which started to spread in
Appliance or not appliance? That is the question! A computer appliance is a dedicated hardware which runs software components to offer one of more specific services. Information security has always been and is, still today, a common place where to deploy appliances: firewalls, proxies, mail relays, authentication servers, log management,
All good pentesters have their own “survival kit” with a lot of tools and scripts grabbed here and there. Here is a new one released a few days ago: FacebookPasswordDecryptor. “FacebookPasswordDecryptor – small, simple, free, and yet truly reliable application that helps you recover stored Facebook account passwords, quickly and
OpenSSH is a common tool for most of network and system administrators. It is used daily to open remote sessions on hosts to perform administrative tasks. But, it is also used to automate tasks between trusted hosts. Based on public/private key pairs, hosts can exchange data or execute commands via
Infosec guys are lazy people. At least in my case! There is nothing much boring that typing long shell commands or to perform recurrent tasks. After all, computers are made to make our life easier. Let them work for us! UNIX is a wonderful environment. There are plenty ways to
Is there a way to make your Windows environment certainly not bullet-proof but stronger enough against attacks? A few weeks ago, Microsoft released an interesting add-on called EMET for its Windows operating systems range. EMET stands for “Enhanced Mitigation Experience Toolkit” and is designed to increase the security of your
