Sunday, October 27, 2019 Security Operations Centre (SOC)
Being able to detect the presence of threat actors within an organisation is one of many roles inherent to being a SOC analyst. However, knowing what to look for can be as frustrating as extricating the threat from an organisation's environment. Fortunately there are public data sources available which may allow researchers and analysts alike to fine-tune their detective skills using relatively accurate log files.
Monday, October 14, 2019 Open Source Intelligence
In this article I will describe some of the cool things you can do with Google search to assist in your Open Source Intelligence activities. We all pretty much use Google at some point to search for that go-to article or how-to guide, but what about actionable intelligence, or a spreadsheet which has been left in the open by mistake? Can Google help us dig up that document so we can use it for intelligence refinement and analysis? This is where Google Hacking / Dorking comes into play.
Monday, October 14, 2019 Open Source Intelligence
I was fortunate enough to participate in the TraceLabs Missing Persons CTF in October, along with a lot of other people across Australia, in finding information which may help in identifying the status of registered missing persons. My team and I come from a diverse background where some of us have some OSINT experience (from a penetration testing background) and some of us knew less or more from other perspectives; we are a diverse team. The lead-up to this activity did not involve a huge amount of planning for our team (we had a great deal of work to contend with outside of this CTF), and we really only set up our OSINT machines the evening before, but the most important aspect of what we were trying to achieve (finding indicators for missing people) was in our tactics and methods to locate actionable data for the missing people involved. For sensitivity, I will not be discussing specifics of each case; suffice to say, some cases were much, much harder than others. However, all of them were very challenging!
Monday, September 16, 2019 HackTheBox
It has been a good amount of time (9+ months) since I was last on HTB, but this week I found some time to have another crack at something easy to get the gray matter working over again. It took me a couple of days of part-time digging, but here I have my write-up on Writeup. Keep in mind, I rarely get into the pentesting game these days, but I like to pick up tools every now and again.