Cuckoo Dynamic Malware Analysis
Cuckoo is an automated dynamic malware analysis platform which allows for the analysis of submitted artefacts within a range of custom configured guest operating systems. Analysis environments may be created…
External Analysis with VirusTotal
VirusTotal is a subsidiary of Alphabet Inc. (which is also the parent company of Google). The service offers static and dynamic artefact analysis through a combination of free and paid…
Exporting Maltego Graphs to MISP
Lately I have been playing with having MISP be the Intelligence Sharing platform for a number of business intelligence functions. However, the main issue with MISP (from a user's perspective)…
What is Cyber Threat Intelligence?
Intelligence is the enrichment of data or information, its classification and publication by experts within a field. The resultant output is ordinarily a qualitative assessment backed by quantitative metrics, or…
Building a MISP Threat Feed Aggregator
Over the last few months I have been working away on several work tasks which have had me hunting for threats within an immensely complex environment. Part of this hunt…
TraceLabs Missing Persons 11th of April 2020
I have posted before on participating in other TraceLabs events (such as the Australian Federal Police Missing Persons Hackathon), so here goes a brief recounting of my experiences with a…
OSINT for Missing Persons (Part 1 – Intro)
Sometime ago I participated in an event run by TraceLabs in conjunction with the Australian Federal Police to locate pieces of information for missing persons across Australia. The twist on…
Deploying (and using) TheHive4 [Part 1]
I have been an off and on user of TheHive for nearly a year now, and it is encouraging to see the development and release of TheHive4 (even if in…
Threat hunting with Elasticsearch and Kibana (Part 1)
As part of my final Masters degree research component I have been collecting data from honeypots which I have seeded around the globe. The objective being to distil this data…
OSINT for Threat Intelligence
It seems to be a significant buzzword nowadays, but Threat Intelligence is available in an abundance from a wide range of curators and commercial suppliers. So what does it take…