Blog

Understand and implement PXE network boot

Linux Sysadmin

PXE is a powerful system that allows booting a system from the network. The applications are numerous: installing a system from the network, creating diskless or kiosk systems. But the system is pretty complex! In this blog post we will explain how network booting works, and show an example that allows interactive installation of Ubuntu 22.04 server from the network...

Read
Create a handler for opening special URLs like 'ssh://'

Linux Sysadmin

Sometimes when using a web application you may encounter a special URL that does not start with http or https, like ssh://192.168.0.123 for example. On a mobile device, your phone will usually open the appropriate application to handle this URL. Here is how to achieve the same on a Linux computer.

Read
Velociraptor : hunt malwares as a pack

Forensics Sysadmin Linux

Velociraptor is a digital forensics and incident response tool that makes it possible to collect information on multiple endpoints at once, and to easily analyze the collected data using Notebooks and a query language (called Velociraptor Query Language, VQL), which is very similar to SQL. This makes Velociraptor a valuable tool for threat hunting over a large network.

Read
Explore the SAM hive with Regedit (and Sysinternals)

Windows Sysadmin Forensics

The Windows Registry is a kind of database that stores a lot of important configuration parameters for Windows and installed applications. What is particular about this database is that the data is actually stored in different files called hives. One of these is the SAM (Security Account Manager) hive, which stores, among other things, user passwords. Let's explore this hive a little...

Read
Install Sysinternals

Windows Sysadmin Forensics

Sysinternals is a collection of powerful utilities for Windows. They can be used by system administrators to perform local or remote system administration, and also by analysts to perform some forensics tasks. The tools were originally developed by Mark Russinovich, and are now maintained by Microsoft. Here is how to install them...

Read
EDA milCERT 2023

News Monitoring

This week we participated, with the colleagues from Cyber Command, in the milCERT exercise organized by the European Defence Agency (EDA). During this exercise the participating teams are tested in task-driven response and investigation activities in a full-scale IT infrastructure live-fire environment.

Read
Happy birthday to us!

News

The creation of the Cyber Defence Lab was an incremental process. So it's hard to define a precise birth date. There is actually only one date that can be seen as our birth date: the day we registered our domain name cylab.be. And that was on 21 October 2016. So we turn 7. Happy birthday to us!

Read
Install Eric Zimmerman's forensics toolkit

Forensics Windows

Eric Zimmerman has written a collection of powerful forensics analysis tools. The installation process requires some work, but here is a step-by-step guide to install the tools on a Windows 11 computer.

Read
We welcome the Hungarian Cybersecurity Roadshow delegation

News

This Wednesday we welcomed the Hungarian Cybersecurity Roadshow delegation. The Cybersecurity Roadshow delegation is composed of representatives of 14 Hungarian governmental actors, companies and R&D institutions which are active in the cyber defence sector. For 4 days, they are traveling around Europe to meet their peers.

Read
SIFT workstation : fix rip.pl error 'Global symbol "$plugindir" requires explicit package name'

Forensics

If you are using the current version of the SIFT workstation, the installed version of RegRipper has a bug that shows the following error message: 'Global symbol "$plugindir" requires explicit package name'. Luckily this bug is easy to fix. Here is how...

Read
Continuous Deployment with GitLab and docker-compose

GitLab Docker DevOps

In this blog post we will show how to implement continuous deployment with GitLab and docker compose. More precisely, we will show how to use a gitlab-ci pipeline to:

Read
Install a recent kernel on Ubuntu

Sysadmin Linux

Even if you are regularly updating your Ubuntu system, you may be running a relatively old version of the kernel. At the time of writing (28 August 2023), Ubuntu 22.04 ships with a kernel numbered 5.15.0, which was released on 31 October 2021. This is more than 2 years ago...

Read