Blog

My DFIR Blog

And other Cyber related things

This is a fairly detailed blog post on the pain we went through to get Arbitrary File Read (CVE-2020-10560) in an open-source platform that involved writing a custom crypto cracking tool! Before we get to that, let's start at the beginning.

OSSN

The Open Source Social Network (OSSN) is, well ju...

Continue reading...

This is a story about an XSS vulnerability on a website for a popular UK restaurant chain which from this point forward I will simply refer to as "Shenanigan's". The interesting thing is not, in fact, the XSS vulnerability but is about bypassing the Web Application Firewall that was protecting it.

...

Continue reading...

For the last year, I have been the Director of Content for ImmersiveLabs. I lead a team of people that create practical cyber training labs that can be delivered in a browser.

As part of this, I spend a lot of time creating docker containers and small applications or vulnerable services. For m...

Continue reading...

It's been a few months since I wrote about my new project, PasteHunter. When I first wrote the app it was a fairly simple single-threaded app that followed a simple workflow:

  • Fetch list of pastes
  • Fetch each paste
  • Scan paste with yara
  • Write to Elasticsearch

This was a good start but I wanted...

Continue reading...

From a security analytics and Threat Intelligence perspective, Pastebin is a treasure trove of information. All content that is uploaded to Pastebin and not explicitly set to private (which requires an account) is listed and can be viewed by anyone.

tl;dr Using Yara Rules to find and save interes...

Continue reading...