Thorsten Sick

Results 11 issues of Thorsten Sick

After documenting the steps to harden the system, create scripts that do that. This way more people will manage to harden their systems.

Hi. This commit adds a feature to list files by modification date. I want to use it for forensics of malware-infected VMs, when the infection just happened. (See cuckoosandbox.org)...

A sample (sha256: 09858ae19ce96499a78dd1f2a304a29caa7a1c220869cb6ec245b8fb91470c7e) has been using those not-yet-supported techniques to detect an analysis system/VM: RegOpenKeyExA on
```
These here are anti-spyware detections
```
SubKey => SOFTWARE\SUPERAntiSpyware.com
SubKey => SOFTWARE\Classes\SUPERAntiSpywareContextMenuExt.SASCon.1...

enhancement

IMHO many BashBunny attacks can be prevented if the screen is locked after a keyboard is attached to a live system. Directly after the screen is locked the keyboard is...

Tags indicating the technology mentioned in the talk (wifi, automotive, iot, ...) and similar would help to group talks. Also basic topics "politics", "security", ... A UI where I could...

As discussed in issue #19: a PR for an additional plugin system to cover rule plugins. As an example, it contains a semi-complex SQL injection plugin.

Replacing the custom template engine with Jinja2 would remove a bunch of custom code. Jinja2 is more powerful and flexible. https://jinja.palletsprojects.com/en/2.10.x/ In early 2024 I would have time to do that...

This PR moves the protocol definition from the source code to YAML files. That way new protocols can be added by YAML file creation.

Create a "protocols" folder and a "technicalassettechnology" folder. In there, define the protocols and assets as .yaml files (one for each protocol/asset). The code for the protocols/assets can then be...

Switching to Caldera 4 (but it is still alpha!)