My DFIR Blog

And other Cyber related things

For the last year, I have been the Director of Content for ImmersiveLabs. I lead a team of people that create practical cyber training labs that can be delivered in a browser.

As part of this, I spend a lot of time creating Docker containers and small applications or vulnerable services. For m...

It's been a few months since I wrote about my new project, PasteHunter. When I first wrote the app it was a fairly simple single-threaded app that followed a simple workflow:

  • Fetch the list of pastes
  • Fetch each paste
  • Scan each paste with YARA
  • Write the results to Elasticsearch

This was a good start but I wanted...

From a security analytics and threat intelligence perspective, Pastebin is a treasure trove of information. All content that is uploaded to Pastebin and not explicitly set to private (which requires an account) is listed and can be viewed by anyone.

tl;dr: Using YARA rules to find and save interes...

tl;dr: SANS released the 2016 Christmas Holiday Hack Challenge. This serves as my official submitted answer, and my offering to you, dear reader, in case you want to see how I approached the challenges.

So settle in, this is going to be a long post. At the time of writing the challenge is still live an...

I like Chromebooks! They are cheap, light, easy to use, and have great battery life. But sticking to Chrome OS can also be quite limiting if you need to do some real dev work.

For the most part Chrome OS is good enough for me. I run a lot of virtualized hardware (ESXi) and this can be accessed...