OSINT for Threat Intelligence

Threat Intelligence has become a significant buzzword, but it is available in abundance from a wide range of curators and commercial suppliers. So what does it take to correlate observables such as precursors, determine whether they are an indicator of compromise, and establish by whom they have been generated?

Loading Windows Event Logs to Elasticsearch

So whilst playing through an element of Kringlecon 2019 I came across a task which didn’t really suit my Christmas challenge of going to Linux full-time. One such challenge involved a Windows Event Log file with no ready access to a Linux derivative of Event Viewer. My Kali laptop for my Christmas challenge was already […]

