InfoSec Archive

A long overdue archive of the day to day challenges faced when trying to build -- then break and build again -- secure tools, systems, and networks.

Wednesday, September 9, 2009

Shell based Norton Safeweb Query

Thanks to Webmaster Tips for the reminder about using lynx to pull the content of a web page without saving it to a file. Using their metho...

Sunday, August 23, 2009

Dump all IPs from pcap with tshark

Simple command to dump all IPs from a PCAP using tshark (custom fields are RED): tshark -nr sample.pcap ip awk '{print $3 ; $ 5 }'...

Wednesday, August 19, 2009

Automated Malware Analysis - Lab or Live

The internal debate: A. Lab only (with a minor exception for legit DNS lookups) with all traffic hitting mock services on a mock Internet OR...

Saturday, August 15, 2009

Reverse Engineering Cheat Sheet

Ran across this cheat sheet from Microsoft on X86/Win32 for Reverse Engineers. Also found this one by Lenny Zeltser that is more how-to c...

Friday, August 14, 2009

VI Cheatsheet

Link to VI Cheatsheet

Thursday, August 13, 2009

Lock down single user sign-on

Add the following to /etc/inittab su:S:wait:/sbin/sulogin source: http://thedaneshproject.com/posts/password-protect-single-user-mode/

Updated Cheatsheets Available

SANS post on updated cheatsheets details the following: - Jeremy Stretch's work at PacketLife.net : http://packetlife.net/cheatsheets/ ...

View web version

Powered by Blogger.