Toolsmith #124: Dripcap - Caffeinated Packet Analyzer
Dripcap is a modern, graphical packet analyzer based on Electron. Electron, you say? "Electron is a framework for creating native applications with web technologies like JavaScript, HTML, and CSS. It...
Toolsmith #125: ZAPR - OWASP ZAP API R Interface
It is my sincere hope that when I say OWASP Zed Attack Proxy (ZAP), you say "Hell, yeah!" rather than "What's that?". This publication has been a longtime supporter, and so many brilliant contributors...
Toolsmith #126: Adversary hunting with SOF-ELK
As we celebrate Independence Day, I'm reminded that we honor what was, of course, an armed conflict. Today's realities, when we think about conflict, are quite different than the days of lining troops...
Toolsmith #127: OSINT with Datasploit
I was reading an interesting Motherboard article, Legal Hacking Tools Can Be Useful for Journalists, Too, that includes reference to one of my all time OSINT favorites, Maltego. Joseph Cox's article...
Toolsmith Release Advisory: Magic Unicorn v2.8
David Kennedy and the TrustedSec crew have released Magic Unicorn v2.8. Magic Unicorn is "a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory, based on...
Toolsmith Tidbit: Windows Auditing with WINspect
WINSpect recently hit the toolsmith radar screen via Twitter, and the author, Amine Mehdaoui, just posted an update a couple of days ago, so no time like the present to give you a walk-through....
toolsmith #128 - DFIR Redefined: Deeper Functionality for Investigators with...
“To competently perform rectifying security service, two critical incident response elements are necessary: information and organization.” ~ Robert E. Davis. I've been presenting DFIR Redefined: Deeper...
McRee added to ISSA's Honor Roll for Lifetime Achievement
HolisticInfoSec's Russ McRee was pleased to be added to ISSA International's Honor Roll this month, a lifetime achievement award recognizing an individual's sustained contributions to the information...
toolsmith #129 - DFIR Redefined: Deeper Functionality for Investigators with...
You can have data without information, but you cannot have information without data. ~ Daniel Keys Moran. Here we resume our discussion of DFIR Redefined: Deeper Functionality for Investigators with R as...
toolsmith #130 - OSINT with Buscador
First off, Happy New Year! I hope you have a productive and successful 2018. I thought I'd kick off the new year with another exploration of OSINT. In addition to my work as an information security...
toolsmith #131 - The HELK vs APTSimulator - Part 1
Ladies and gentlemen, for our main attraction, I give you...The HELK vs APTSimulator, in a Death Battle! The late, great Randy "Macho Man" Savage said many things in his day, in his own special way,...
toolsmith #132 - The HELK vs APTSimulator - Part 2
Continuing where we left off in The HELK vs APTSimulator - Part 1, I will focus our attention on additional, useful HELK features to aid you in your threat hunting practice. HELK offers Apache Spark,...
toolsmith #133 - Anomaly Detection & Threat Hunting with Anomalize
When, in October and November's toolsmith posts, I redefined DFIR under the premise of Deeper Functionality for Investigators in R, I discovered a "tip of the iceberg" scenario. To that end, I'd like...
Moving blog to HolisticInfoSec.io
toolsmith and HolisticInfoSec have moved. I've decided to consolidate all content on one platform, namely an R markdown blogdown site running with Hugo for static HTML creation. My frustration with...