Skip to content

McHughSecurity

  • Home
  • Blog
  • Security Operations
  • DFIR
    • Reverse Engineering
      • Dynamic Analysis
      • Static Analysis
  • Vuln. Mgmt
  • Intelligence
    • Open-Source Intelligence
    • Threat Intelligence
      • AIL Framework
      • MISP – Open Source Threat Intelligence Platform
      • OpenCTI
  • Threat Modelling
    • Attack Libraries
    • Attack Trees
    • Mitigating Techniques
    • SaaS Threat Modelling
    • Threat Models
    • Tools
    • Validating Threat Mitigations
  • Toggle search form
  • Building CCCS’ AssemblyLine for Static Analysis Static Analysis
  • [Part 1] Building a Threat Integration and Testing Lab Build
  • Using the Estimative Language Taxonomy in MISP MISP - Open Source Threat Intelligence Platform
  • Using the Data Classification Taxonomies in MISP MISP - Open Source Threat Intelligence Platform
  • Building a parallel-analysis Cuckoo server Digital Forensics & Incident Response
  • Cuckoo Dynamic Malware Analysis Digital Forensics & Incident Response
  • [Part 2] Building a Threat Integration and Testing Lab – Elastic Cloud Enterprise (On-Premises) Build
  • Deploying (and using) TheHive4 [Part 1] Build

Category: Operate

Auto-updating Ubuntu 20.04 in less than 2 minutes

Posted on April 26, 2022April 26, 2022 By A.McHugh No Comments on Auto-updating Ubuntu 20.04 in less than 2 minutes

If you are like me and deploy lots of small instances of VMs all over the place for various functions, you will find applying updates to them all consistently and in a responsive manner a logistical issue. Fortunately, there is an auto-update function within Ubuntu which can be configured in a few minutes.

Read More “Auto-updating Ubuntu 20.04 in less than 2 minutes” »

Operate

Loading Windows Event Logs to Elasticsearch

Posted on January 13, 2020 By A.McHugh No Comments on Loading Windows Event Logs to Elasticsearch

So whilst playing through an element of Kringlecon 2019 I came across a task which didn’t really suit my Christmas challenge of going to Linux full-time. One such challenge involved a Windows Event Log file with no ready access to a Linux derivitive of Event Viewer. My Kali laptop for my Christmas challenge was already…

Read More “Loading Windows Event Logs to Elasticsearch” »

Digital Forensics & Incident Response, Operate

Extracting RAM from VirtualBox session

Posted on May 28, 2019 By A.McHugh No Comments on Extracting RAM from VirtualBox session

Over the last few months I have been playing with Cuckoo, and reworking its function to suit my own requirements. Part of this has involved the separation of components within Cuckoo into functional units. This particular component relates to extracting the RAM from a VirtualBox machine for analysis after ceasing the VM. For this to…

Read More “Extracting RAM from VirtualBox session” »

Digital Forensics & Incident Response, Operate

Recent Posts

  • Auto-updating Ubuntu 20.04 in less than 2 minutes
  • Feeding Analysis Information Leak (AIL) Framework
  • An Introduction to Threat Intelligence
  • Deploying MISP on DigitalOcean or Vultr Cloud Hosting
  • Building CCCS’ AssemblyLine for Static Analysis

Search

Recent Posts

  • Auto-updating Ubuntu 20.04 in less than 2 minutes
  • Feeding Analysis Information Leak (AIL) Framework
  • An Introduction to Threat Intelligence
  • Deploying MISP on DigitalOcean or Vultr Cloud Hosting
  • Building CCCS’ AssemblyLine for Static Analysis

Archives

  • April 2022
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • September 2020
  • April 2020
  • March 2020
  • January 2020
  • May 2019
  • Feeding Analysis Information Leak (AIL) Framework AIL Framework
  • Deploying (and using) TheHive4 [Part 1] Build
  • External Analysis with VirusTotal Digital Forensics & Incident Response
  • [Part 1] Building a Threat Integration and Testing Lab Build
  • Threat hunting with Elasticsearch and Kibana (Part 1) Digital Forensics & Incident Response
  • Building a MISP Threat Feed Aggregator Blog
  • Loading Windows Event Logs to Elasticsearch Digital Forensics & Incident Response
  • Building Structured Threat Intelligence (STIX) from FBI notices MISP - Open Source Threat Intelligence Platform

Categories

  • AIL Framework
  • Blog
  • Build
  • Design
  • Digital Forensics & Incident Response
  • Frameworks
  • Intelligence
  • MISP – Open Source Threat Intelligence Platform
  • Open-Source Intelligence
  • Operate
  • Security Operations
  • Static Analysis
  • Threat Intelligence

Copyright © 2022 McHughSecurity.

Powered by PressBook News Dark theme