Threat actors love to attack over the holidays. Think about it – during what other time of year are so many defenders distracted, taking time…
I’ve enjoyed running through SIEM challenges recently – there’s something satisfying about sifting through the noise to find the one network event you need. Sometimes…
Recently I’ve been learning to use Kibana as part of the Elastic Stack (formerly the ELK stack), frequently used for data visualization and analysis. It’s particularly…
Armitage is an extension written in Java for the free Metasploit command and control (C2) framework. It adds a GUI and the ability to collaborate…
What is YARA? YARA is a program that can detect patterns in binary or text. The name is an acronym – “Yet Another Ridiculous Acronym”,…
For the past few months, I’ve been investigating a network of websites used for scamming. I’ll have a separate write-up once it’s complete, but…
The most common use of the command-line tool nmap is to enumerate which ports are open and which services are running on the targets. There…