-
The ZoomGo script, quickly move anywhere you want to be
February 29, 2008One of the most important traits of being a SysAdmin is laziness (well, not really laziness, but recognizing repetitive action and taking steps to automate it). In the effort to combat repetitive changing directories, I have written a tiny (< 100 lines) Ruby script to handle “zooming” to a particular directory. Firstly, download the script […]
-
Tutorial: Finding the OEP of an Upacked binary file
February 25, 2008…because all the other tutorials I’ve been able to find on this subject are not so easy to read. This is going to be a long post, but hey, at least it’ll have lots of pictures! Alright, in this tutorial I’m going to attempt to explain how to find the OEP (Original Entry Point) of […]
-
Create a passive network tap for your home network
February 22, 2008In my home network, I have a passive tap sitting between my cable modem and my router, instead of spending tons of money, I made my own. They’re surprisingly simple to make, and also extremely simple to use. Let’s start with the wiring, at a local electronics store, I purchased 4 RJ-45 wiring plugs, I […]
-
DC303 meeting this Friday
February 21, 2008I’ll be attending the DC303 meeting this Friday the 22nd (tomorrow), if anyone who reads this lives in the Denver/Metro area, stop by and say “Hi!”, I’d love to meet more information security people in Denver. This’ll be my first time attending, as I only found out about it not that long ago. The meetup […]
-
Hex 1.0.3 released!
February 13, 2008We just released Hex 1.0.3, the Chinese New Year release, although it’s closer to the Valentine’s day release. Congratulations to all the Hex developers for fixing bugs and adding features! You can grab the iso here. [md5] [sha256] Or, grab the iso from the mirror. [md5] [sha256] Since Geek00l already covered a list of the […]
-
Collaborative analysis efforts with simple to use interfaces
February 12, 2008You know what would be really helpful? I mean, actually helpful to people in the security industry as a whole? We need some kind of collaboration tool that allows many different users to view, download, analyze, tag, describe and ask questions about any and all kinds of malware, network captures and security logs. I’ve been […]
-
User-submitted modules: flowtag and clamscan
February 11, 2008I’d like to point out a couple of user-submitted modules for NSM-Console that are now included in the distribution. Firstly, scholar01 has created a ‘flowtag’ module for NSM-Console to use Chris Lee’s excellent Flowtag software for categorizing and tagging network flow for a packet capture. Thanks for the submission scholar01! Secondly, JohnQPublic has created a […]
-
NSM-Console version 0.5 release
February 5, 2008That’s right, no development release this time around. I’ve been trying to get version 0.5 all finished for the Hex 1.0.3 release, and I’m happy to present the newest NSM-Console release! Firstly, you can download NSM-Console version 0.5 here: http://writequit.org/projects/nsm-console/files/nsm-console-0.5.tar.gz Mirror here: https://secure.redsphereglobal.com/data/dakrone/files/nsm-console-0.5.tar.gz Like always, let’s go over some of the new features in this […]
-
Hex and NSM-Console writeup in February ISSA Journal
February 4, 2008Russ, the author of holisticinfosec.org has kindly written up a review of the Hex NSM-liveCD in the February edition of his ‘toolsmith’ column for the ISSA journal. The column is a good 3-4 pages about Hex as well as some of the tools included on the distribution. There’s even a page dedicated to NSM-Console (Although […]