
My DFIR Blog

And other Cyber related things

It's been a few months since I wrote about my new project, PasteHunter. When I first wrote the app, it was a fairly simple single-threaded app that followed a simple workflow:

  • Fetch list of pastes
  • Fetch each paste
  • Scan paste with YARA
  • Write to Elasticsearch

This was a good start but I wanted...

Continue reading...

From a security analytics and threat intelligence perspective, Pastebin is a treasure trove of information. All content that is uploaded to Pastebin and not explicitly set to private (which requires an account) is listed and can be viewed by anyone.

tl;dr: Using YARA rules to find and save interes...

Continue reading...