
My DFIR Blog

And other Cyber related things

Let me start by stating this is not an exploit or a vulnerability in LastPass. This is just extracting any data that may remain in memory during a forensics acquisition. At some point the data must be in the clear.

I was reading the Art Of Memory Forensics, (if you don't own this I highly recommend...


I recently needed to deploy an IDS and full packet capture on a small network. Fortunately the open source community has had such a thing for a while. Security Onion.

A Linux distro for intrusion detection, network security monitoring, and log management. It's based on Ubuntu and contains Snort,...


Before I begin this post let me get the following statements out of the way.

I Am NOT A Lawyer. The use of the Tools and Techniques discussed in this post may not be legal in your country. The original credit for the discovery belongs to Shawn Denbow and Jesse Hertz. All I did was expand on their...


This post is old. If you want to deploy an IDS at home I suggest looking at https://securityonion.net/ which provides an open source Security Appliance with Snort and many other features.

An Intrusion Detection System at its simplest is a network monitoring tool. It is designed to match patter...


In my previous post I had decided / was forced to replace ESXi with ProxMox and that it was capable of running OpenVZ containers, which was something I wanted to play more with.

OpenVZ Containers are a method of OS virtualization that can create multiple, secure, isolated Linux containers. Each...
