Posts

Kringlecon 2022 Walkthrough

Contents: Introduction; Objective 1 - KringleCon Orientation; Objective 2 - Recover the Tolkien Ring; Wireshark Phishing - Sparkle Redberry; Q1 - What type of objects can be exported from the PCAP?

Kringlecon 2021 Walkthrough

Contents: Introduction; Objective 1 - KringleCon Orientation; Document Analysis - Piney Sappington; Objective 2 - Where in the World is Caramel Santaigo?; Grepping for Gold - Greasy Gopherguts; Objective 3 - Thaw Frost Tower’s Entrance; Logic Chompers - Noel McBoetie; Objective 4 - Slot Machine Investigation; IPv6 Sandbox - Jewel Loggins; Objective 5 - Strange USB Device; Holiday Hero - Chimney Scissorsticks; Elevator Hack; Objective 6 - Shellcode Primer - Ruby Cyster; Objective 7 - Printer Exploitation; HoHo … No - Eve Snowshoes; Objective 8 - Kerberoasting on an Open Fire; Objective 9 - Splunk; IMDS Exploration - Noxious O.

Docker Tutorial and/or Cheatsheet

Frequently used Docker commands

Kringlecon 2020 Walkthrough

Contents: Introduction; Objective 1 - Uncover Santa’s Gift List; Kringle Kiosk - Shiny Upatree; Objective 2 - Investigate S3 bucket; Linux Primer - Sugarplum Mary; Objective 3 - Point-of-Sale Password Recovery; Unescape Tmux - Pepper Minstix; Objective 4 - Operate the Santavator; Speaker lights/door/vending machine - Bushy Evergreen; Objective 5 - Open HID Lock; Objective 6 - Splunk Challenge; CAN-D bus investigation - Wunorse Openslae; Objective 7 - Solve the Sleigh’s CAN-D-BUS Problem; Holly Evergreen - Redis Investigation; Objective 8 - Broken Tag Generator; Scapy - Alabaster Snowball; Objective 9 - ARP Shenanigans; Objective 10 - Defeat Fingerprint Sensor; Snowball Game - Tangle Coalbox; Objective 11a) - Naughty/Nice List with Blockchain Investigation Part 1 (Setting up the environment; Understanding the vulnerability; Dumping the 32 bit PRNG integers; Predicting the PRNG state); Objective 11b) - Naughty/Nice List with Blockchain Investigation Part 2; Additional links

Spoiler alert!
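The "Dumping the 32 bit PRNG integers" and "Predicting the PRNG state" steps listed for Objective 11a describe the classic state-recovery attack on a Mersenne Twister. The following is an added example, not the walkthrough's own code: it assumes the generator is MT19937 as exposed by Python's random module (an assumption; the listing above does not name the PRNG), collects 624 consecutive 32-bit outputs, inverts the tempering function to recover the raw state words, and loads them into a fresh Random instance that then predicts the victim's next outputs.

```python
import random

# MT19937 constants as used by CPython's random module (assumed target PRNG).
MASK32 = 0xFFFFFFFF
N = 624  # number of 32-bit words in one MT19937 state


def temper(x: int) -> int:
    """Forward tempering: one raw state word -> one 32-bit output."""
    x ^= x >> 11
    x ^= (x << 7) & 0x9D2C5680
    x ^= (x << 15) & 0xEFC60000
    x ^= x >> 18
    return x & MASK32


def _undo_right_shift(y: int, shift: int) -> int:
    # Invert y = x ^ (x >> shift). The top `shift` bits of x equal those of y;
    # every iteration of the fixed point recovers the next `shift` lower bits.
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ (x >> shift)
    return x


def _undo_left_shift(y: int, shift: int, mask: int) -> int:
    # Invert y = x ^ ((x << shift) & mask), working upward from the low bits,
    # which the left shift leaves untouched.
    x = y
    for _ in range(32 // shift + 1):
        x = (y ^ ((x << shift) & mask)) & MASK32
    return x


def untemper(y: int) -> int:
    """Inverse of temper(): recover the raw state word from one 32-bit output."""
    y = _undo_right_shift(y, 18)
    y = _undo_left_shift(y, 15, 0xEFC60000)
    y = _undo_left_shift(y, 7, 0x9D2C5680)
    y = _undo_right_shift(y, 11)
    return y


def clone_from_outputs(outputs) -> random.Random:
    """Rebuild a Random instance from 624 consecutive 32-bit outputs.

    Any window of 624 consecutive outputs works: MT19937 is a shift register,
    so the next word depends only on the previous 624 words.
    """
    if len(outputs) != N:
        raise ValueError(f"need exactly {N} consecutive 32-bit outputs")
    state = tuple(untemper(o) for o in outputs)
    clone = random.Random()
    # Index N marks the state as exhausted: the next call twists forward and
    # yields the output that follows the last observed one.
    clone.setstate((3, state + (N,), None))
    return clone


def demo(seed: int = 2020):
    """Constructed scenario: observe 624 outputs, then predict the next five."""
    victim = random.Random(seed)
    observed = [victim.getrandbits(32) for _ in range(N)]
    clone = clone_from_outputs(observed)
    predicted = [clone.getrandbits(32) for _ in range(5)]
    actual = [victim.getrandbits(32) for _ in range(5)]
    return predicted, actual


if __name__ == "__main__":
    predicted, actual = demo()
    print("predicted:", predicted)
    print("actual:   ", actual)
    print("match:", predicted == actual)
```

The attack needs raw 32-bit outputs; if the application only exposes derived values (a die roll, a shuffled list) the untempering step must first recover the full words, which is the part of the challenge the "Dumping the 32 bit PRNG integers" step refers to.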

Practical DBSCAN Clustering with Python

Contents: Introduction; Generating sample data; Feature scaling; Determining $\varepsilon$ and $minPts$; Model fitting; Visualization; Outlier detection; Conclusion; Additional links

Density-Based Spatial Clustering of Applications with Noise, DBSCAN for short, is a popular clustering algorithm that is especially useful for outlier detection and for clustering data of varying density.
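The pipeline the post outlines (sample data, feature scaling, choosing $\varepsilon$ and $minPts$, fitting, outlier detection) as an added, dependency-free example; this is not the post's code, which uses a library implementation, and the sample points, $\varepsilon = 0.3$ and $minPts = 3$ are constructed for illustration. Points the algorithm cannot reach from any core point receive the label -1, which is exactly the outlier signal the post describes.

```python
import math
from typing import List, Optional, Sequence, Tuple

Point = Tuple[float, ...]
NOISE = -1  # DBSCAN's conventional label for points that belong to no cluster


def standardize(points: Sequence[Point]) -> List[Point]:
    """Z-score each feature so that eps is measured in comparable units."""
    dims = len(points[0])
    cols = [[p[d] for p in points] for d in range(dims)]
    means = [sum(c) / len(c) for c in cols]
    stds = [math.sqrt(sum((v - m) ** 2 for v in c) / len(c)) or 1.0
            for c, m in zip(cols, means)]
    return [tuple((p[d] - means[d]) / stds[d] for d in range(dims)) for p in points]


def _dist(a: Point, b: Point) -> float:
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def dbscan(points: Sequence[Point], eps: float, min_pts: int) -> List[int]:
    """Plain DBSCAN. Returns one label per point: 0, 1, ... or NOISE (-1).

    A point is a core point when at least min_pts points (itself included)
    lie within eps of it; clusters grow from core points through their
    neighbourhoods, and anything never reached stays noise.
    """
    n = len(points)
    labels: List[Optional[int]] = [None] * n

    def region(i: int) -> List[int]:
        return [j for j in range(n) if _dist(points[i], points[j]) <= eps]

    cluster = 0
    for i in range(n):
        if labels[i] is not None:
            continue
        seeds = region(i)
        if len(seeds) < min_pts:
            labels[i] = NOISE  # may be promoted to a border point later
            continue
        labels[i] = cluster
        queue = [j for j in seeds if j != i]
        while queue:
            j = queue.pop()
            if labels[j] == NOISE:
                labels[j] = cluster  # border point: reachable but not core
            if labels[j] is not None:
                continue
            labels[j] = cluster
            neighbours = region(j)
            if len(neighbours) >= min_pts:  # j is a core point: keep expanding
                queue.extend(neighbours)
        cluster += 1
    return [label if label is not None else NOISE for label in labels]


def demo():
    """Constructed sample: a tight cluster, a looser cluster and one outlier."""
    raw = [(0.0, 0.0), (0.1, 0.0), (0.0, 0.1), (0.1, 0.1), (0.05, 0.05),
           (5.0, 5.0), (5.5, 5.0), (5.0, 5.5), (5.5, 5.5), (5.25, 5.25),
           (20.0, -20.0)]
    scaled = standardize(raw)
    labels = dbscan(scaled, eps=0.3, min_pts=3)
    outliers = [raw[i] for i, label in enumerate(labels) if label == NOISE]
    return labels, outliers


if __name__ == "__main__":
    labels, outliers = demo()
    print("labels:  ", labels)
    print("outliers:", outliers)
```

Because the two clusters have different spreads, a single global $\varepsilon$ still separates them here; when densities differ by orders of magnitude, that is where DBSCAN's one-$\varepsilon$-fits-all assumption breaks down and the $\varepsilon$/$minPts$ selection step in the post matters.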

Practical KMeans Clustering with Python

Contents: Introduction; Algorithm; Generating sample data; Feature scaling; Determining $K$; Elbow method; Silhouette method; Model fitting; Model accuracy; Conclusion; Additional links

KMeans clustering is perhaps the most well-known technique for partitioning similar data points into the same cluster.

PCAP Analysis with Zeek | Digital Forensics and Incident Response

Introduction Zeek (previously called Bro) is a useful tool that enables high-level PCAP analysis at the application layer. I have mostly been doing my packet capture analysis in Wireshark, and while Wireshark is still my number one tool for PCAP analysis, Zeek was a great find for me.

PCAP Analysis with Wireshark and Tshark | Digital Forensics and Incident Response

Introduction PCAPs can greatly aid an investigation after an incident has occurred. However, PCAPs contain massive amounts of data that are difficult to parse, and time is valuable, especially during live investigations.

Parsing Palo Alto syslogs with Logstash

Introduction Palo Alto firewalls can forward syslog messages to a remote location. However, these logs must be parsed before they can be properly ingested by a data ingestion and storage endpoint such as Elasticsearch.

How to disable annoying Windows 10 notification sounds!

There are some Windows 10 notification (system) sounds that are quite annoying to say the least. I am not sure who decided that it was a good idea to choose these sounds for alert notifications in Windows 10.