Category Archives: Research

OpenDoor Scanner vs SimpleHTTPServer (PCAP)

Often when analysing attacks, scans or just general traffic it is difficult to identify the specific tool or technique in use. This is simply because there isn’t a reference database for every tool. So I thought I would upload a …

Posted in Network Forensics, PCAP Analysis, Research, Wireshark

Pass-the-hash Mitigation – Tip of the Day

I have been recently researching Pass the Hash mitigation techniques and I have found that there are the usual comments about not logging on to workstations with Admin accounts, ensuring your local admin accounts don’t have the same password, ensuring …

Posted in Group Policy, Hardening, Incident Response, pass the hash, Pen Testing, Preparation, Research

USB Forensic “Roadmap”

As I have been researching and investigating USB Forensics I put together a “Roadmap” for my own personal reference. I made it using Maltego CaseFile and refer to it every now and then when I am attempting to remember …

Posted in Cyber, Research, USB Forensics, Windows Forensics

SANS Christmas Hacking Challenge

I thought I would write about my experiences with the Christmas Hacking Challenge by SANS. I am writing this before Christmas, but I won’t publish it until after the closing date for obvious reasons 🙂 The challenge has an amazing …

Posted in Competition, Cyber, Heartbleed, Pen Testing, Research, SANS, Shellshock, USB Forensics, Windows Forensics

Research: Decoding LanmanServer\Shares

For my first fully independent research topic I chose to look at the registry key created when an object is shared. This all started with a job we were investigating recently where the indicators we were given did not turn …

Posted in Cyber, Research, Shared Folders, Windows Forensics, Windows Registry Forensics