Hello and welcome! My name is John Strand, and in this video, we’re going to be talking about tripwire Honeyports. Now, this is a lab that’s used in ADHD. This is the virtual machine that we use in my classes that we teach at Wild West Hackin’ Fest and also at Black Hat. But in […]
Hello and welcome, my name is John Strand and in this video, we’re going to be talking about RITA, Real Intelligence Threat Analytics and how it can quickly do DNS analysis to find DNS backdoors in your environment. So once again we are using ADHD, if you want to find ADHD just go to ActiveCountermeasures.com […]
In this webcast, we will cover what we can do if we think there is a breach on our network. We will cover live forensics, cool PowerShell scripts, network, and event log analysis, cool IR spreadsheets, and checklists. We will also be covering the status of our ELK project for reviewing Event ID 3 from […]
Podcast: Play in new window | Download
Ray Felch // Preface: Following the work of the Bastille Research Group (See: https://github.com/BastilleResearch/mousejack), I was interested in knowing if these (keyboard injection) vulnerabilities were still valid. To my surprise, I was able to duplicate the attack on an inexpensive Logitech keyboard that I already had in my possession. This keyboard (Logitech K400r) is still […]
Hello and welcome, my name is John Strand and in this video, we’re going to be talking a little bit about beaconing using RITA. Now, for this particular video, I’m not using the security onion, instead we’re going to be using ADHD. If you want to find ADHD, go to the ActiveCountermeasures.com website. Go to […]
Hello and welcome, my name is John Strand and in this video, we’re going to be getting started with Wireshark. Now, Wireshark is very similar to TCPDump, in fact, a lot of people actually prefer Wireshark to TCPDump, but I look at them as two completely different utilities. TCPDump is fantastic for creating scripts, going […]
Hello and welcome, my name is John Strand and in this video, we’re going to be talking about getting started with TCPDump. Now, TCPDump is a fantastic tool, it’s one of the core essential tools that every single IT professional should have, especially Infosec professionals. The reason why is TCPDump gives us the ability to […]
Do you know what your attackers know? There’s a good chance you know, but you might not be aware of just how much information can be found historically and in real-time about your business operations and organization. Join Jordan Drysdale and Kent Ickler as they discuss and demonstrate Purple Team Enterprise Reconnaissance methods that increase […]
Podcast: Play in new window | Download
In this webcast, we have our friend Hal Pomeranz sharing his massive knowledge on Linux. If you’re new to Linux, or if you know it and just want to hear from Hal’s years of using and teaching all things Linux, then this is the webcast for you. Download slides: http://www.deer-run.com/~hal/CLDojo.pdf 0:00 – Intro to Hal 9000 […]
Podcast: Play in new window | Download
