The Blue Team Blues
Recently presented on the challenges facing the blue team whilst investigating red team activity and the disconnect in the time effort required....
Latest Posts
Is cryptocurrency market manipulation possible via social media?
With the surge in Cryptocurrencies there has been speculation of market manipulations. I was interested to see if such manipulations (or attempts) could be tracked via Twitter....
Extracting a users mapped network shares
During a recent investigation I came across a process communicating with a mapped network share....
BitScout - Remote incident response and digital forensics toolkit
BitScout is a live CD/USB bootable image that enables incident responders to remotely triage systems whilst maintaining data integrity....
Logstash prune filter with json data
When importing JSON data structures into Logstash you can run into some troubles using the logstash-filter-prune plugin....
Open Source Intelligence and Stock Market correlations
Can insight into the stock market be gained by using Open Source Intelligence to track company stock levels? A failed experiment but interesting concept....
Actor name generator - Threat Roulette
For all those threat intelligence folk that need attribution with a hip actor name....
Multizone - a utility for working in multiple time zones
Working in multiple time zones can be difficult. I required a utility that would allow me at a glance to see the current date and time of a zone. Multizone is a simple bash script to fulfil this requirement....
Logstash slow start-up times and exhausting entropy
I spent the better part of two hours debugging a non-responsive Logstash instance. Turns out it was just slow and /dev/random was the culprit....
Kiwicon X - the closing
In November 2016 I attended Kiwicon X, the 10th iteration of New Zealands premier security conference. With 6.3 magnitude earthquakes and electromagnetic guns it was sure an interesting time....