McHughSecurity
Category: Open-Source Intelligence

TraceLabs Missing Persons 11th of April 2020

Posted on April 12, 2020 by A.McHugh

I have posted before on participating in other TraceLabs events (such as the Australian Federal Police Missing Persons Hackathon), so here goes a brief recounting of my experiences with a US missing persons event.


Open-Source Intelligence

OSINT for Missing Persons (Part 1 – Intro)

Posted on April 10, 2020 by A.McHugh

Some time ago I participated in an event run by TraceLabs in conjunction with the Australian Federal Police to locate pieces of information on missing persons across Australia. The twist was that the event was gamified: competing teams raced to amass the most points under a points award system.

I will now be competing in the Missing Persons CTF on the 11th of April 2020, and in the lead-up to this now-virtual CTF I will be building some more capable infrastructure and tooling to support the challenge.

So, for new starters, what do you need as a bare minimum to start digging and submitting indicators?


Open-Source Intelligence

OSINT for Threat Intelligence

Posted on March 14, 2020 by A.McHugh

Threat Intelligence may be a significant buzzword nowadays, but it is available in abundance from a wide range of curators and commercial suppliers.

So what does it take to correlate observables, such as precursors, to determine whether they are an indicator of compromise, and to establish who generated them?


Blog, Open-Source Intelligence

Copyright © 2022 McHughSecurity.