Blog

Harvesting PGP secret keys from poorly secured Thunderbird instance

Pentesting Teaching

If you're privacy-conscious (which is great!) and have set up Thunderbird to use PGP for signing and encrypting your emails, you’ve likely taken important steps to ensure that no third party, including your email provider, can access your private communications. You probably followed an online tutorial to get it set up—but have you enabled a primary password?

Install Autopsy on Linux and on the SIFT workstation

Forensics

Autopsy is an open-source digital forensics platform widely used for investigating and analyzing digital media, such as hard drives, memory cards, and smartphones. Developed by Basis Technology, it serves as the graphical front-end for The Sleuth Kit (TSK), a powerful collection of command-line tools for forensic analysis. It also includes additional tools like PhotoRec. Autopsy simplifies the forensic process by offering a user-friendly interface and features like timeline analysis, keyword searching, file carving, and metadata extraction.

A brief overview of passkey

Teaching Phishing

You may have come across terms like "passkeys" or the intriguing idea of going "passwordless." These concepts might sound confusing, especially since we're all so used to securing everything with passwords—and constantly reminded of the importance of having strong ones. So, how could a world without passwords possibly be secure? In this blog post, we’ll explore this new method of authentication and break down how it works in a simple, easy-to-understand way. We won’t dive into the technical details, but you’ll get a clear overview of what passkeys are and how they can change the way we stay secure online.

Create your own plugin for RegRipper

Forensics Windows Linux

RegRipper is a collection of powerful Perl scripts that dump the content of a registry hive file into readable text. RegRipper relies on a plugin mechanism, so in this post I will show how to create your own plugin for RegRipper. The example will be very basic, and will extract the value of the Current ControlSet.

Recover lost files with PhotoRec

Forensics

PhotoRec is file data recovery software designed to recover lost files from hard disks, solid state drives, CD-ROMs and digital camera memory.

Cylab Cybersecurity Challenges

News

Like previous years, we will be organizing coaching sessions to prepare students for the Cyber Security Challenge Belgium and other CTF competitions.

Getting Started with EVE-NG

Virtualization

EVE-NG is a network emulation tool that allows network engineers and IT professionals to design, simulate and test complex network environments. It supports images from multiple vendors (OS, network devices, firewalls, servers, vPCs ...). It can handle large network topologies and offers a user-friendly interface accessible via any web browser.

Run a local instance of Stable Diffusion and use AI to generate images

AI

Next to ChatGPT, the emergence of image-generation AI was a real breakthrough. These algorithms are able to create stunning and detailed images from textual descriptions. In this field, Stable Diffusion stands out for the quality of its images, but also for its open and accessible nature. Unlike many proprietary AI tools, Stable Diffusion makes its source code and models freely available.

CYLAB at the ARES conference 2024

AI Cyber Situation Awareness Conference

Members of the Cyber Defence Lab attended this year's edition of the "International Conference on Availability, Reliability and Security ARES 2024" that was held in Vienna, Austria. They presented two papers in the field of AI and Cyber Situation Awareness.

AI powered knowledge exploration with Globe Explorer

AI Teaching

Next to the very popular ChatGPT, a lot of other AI-powered applications have sprung up on the web recently. Globe Explorer https://explorer.globe.engineer/ is one of these, specially developed to explore knowledge and discover new domains.

Install Eric Zimmerman's forensics tools on Linux

Forensics Linux

In a previous blog post, I presented the forensics tools written by Eric Zimmerman. Although these tools were originally developed for Windows, you can also run them on Linux. This allows you to run a full forensic investigation using a Linux computer.

[geth] Developer mode

Blockchain Ethereum

If you have already played with geth, you have probably noticed the --dev option. This option is very handy when you want to quickly start a node to test something. However, you might have found that the developer account that is automatically set is a random account. This randomness can be annoying when trying to automate some testing tasks. The good news is that there is a way to set this developer account. That's what will be explained in this small blog post.
