
McHugh Security

Cyber Security Operations

Blog

What is Cyber Threat Intelligence?

  • Adam McHugh
  • Posted on September 5, 2020
  • No Comments

Intelligence is the enrichment of data or information, its classification and publication by experts within a field. The resultant output is ordinarily a qualitative assessment backed by quantitative metrics, or…

Blog

Building a MISP Threat Feed Aggregator

  • Adam McHugh
  • Posted on September 5, 2020
  • No Comments

Over the last few months I have been working away on several work tasks which have had me hunting for threats within an immensely complex environment. Part of this hunt…

Blog

TraceLabs Missing Persons 11th of April 2020

  • Adam McHugh
  • Posted on April 12, 2020
  • No Comments

I have posted before on participating in other TraceLabs events (such as the Australian Federal Police Missing Persons Hackathon), so here goes a brief recounting of my experiences with a…

Blog

OSINT for Missing Persons (Part 1 – Intro)

  • Adam McHugh
  • Posted on April 10, 2020
  • No Comments

Some time ago I participated in an event run by TraceLabs in conjunction with the Australian Federal Police to locate pieces of information for missing persons across Australia. The twist on…

Blog

Deploying (and using) TheHive4 [Part 1]

  • Adam McHugh
  • Posted on April 5, 2020
  • No Comments

I have been an off and on user of TheHive for nearly a year now, and it is encouraging to see the development and release of TheHive4 (even if in…

Security Operations

Threat hunting with Elasticsearch and Kibana (Part 1)

  • Adam McHugh
  • Posted on April 5, 2020
  • No Comments

As part of my final Masters degree research component I have been collecting data from honeypots which I have seeded around the globe. The objective being to distil this data…

Blog

OSINT for Threat Intelligence

  • Adam McHugh
  • Posted on March 14, 2020
  • No Comments

It seems to be a significant buzzword nowadays, but Threat Intelligence is available in abundance from a wide range of curators and commercial suppliers. So what does it take…

Security Operations

Loading Windows Event Logs to Elasticsearch

  • Adam McHugh
  • Posted on January 13, 2020
  • No Comments

So whilst playing through an element of Kringlecon 2019 I came across a task which didn't really suit my Christmas challenge of going to Linux full-time. One such challenge involved…

Blog

Building a Cuckoo Sandbox

  • Adam McHugh
  • Posted on May 29, 2019
  • No Comments

Sometimes there is a need to analyse files in a live environment where their composition and provenance may not be entirely certain. For the most part we can try to…

Security Operations

Extracting RAM from VirtualBox session

  • Adam McHugh
  • Posted on May 29, 2019
  • No Comments

Over the last few months I have been playing with Cuckoo, and reworking its function to suit my own requirements. Part of this has involved the separation of components within…
