MASFAD 2 at EDA CapTech Cyber

APT Detection MASFAD

Today we are proud to present the Multi-Agent System for APT Detection project (MASFAD 2) at the first meeting of the Capability Technology Area Cyber (CapTech Cyber) of the European Defense Agency (EDA).

Publish GitLab notifications to Mattermost

Secure Software Development GitLab

Mattermost is a wonderful messaging and collaboration tool for developer teams. It is also a great open source alternative to Slack. In this short blog post we show how to connect Mattermost and GitLab together.

Security Onion : Getting started


Security Onion is a great tool that combines full packet capture, intrusion detection (snort and bro) and the elasticsearch-logstash-kibana (ELK) stack to store and visualize your security data. Let's see how to get started...

Detect unused composer dependencies

PHP Secure Software Development

If you are using composer to manage the dependencies of your PHP project (and you certainly should), it is very easy to end up using a lot of dependencies. And if your project lives long enough, some (or lots of them) will not be used anymore.

COVID-19 Tracking Application

Mobile Device Security Android Reverse Engineering

Most of the countries around the world are in a more or less hard lockdown. In Europe, some countries are gradually starting to allow certain sports outings, visiting family or opening certain stores. An important fear is a possible second wave of contamination. To prevent that, some governments provide a mobile application to track the virus spreading.

How to aggregate scores in a multi-heuristic detection system : A comparison between WOWA and Neural Networks

APT Detection

Cyber-attacks are becoming increasingly complex and therefore require more sophisticated detection systems. A lot of these are actually combine multiple detection algorithms. A crucial step is then to aggregate all detection scores correctly.

COVID-19 Android Malware

Stay Home Mobile Device Security

During each crisis, some people use the fear of the population to make benefit. Unfortunately, the COVID-19 crisis is not an exception. There are a lot of different scams related to COVID-19. And a place where it is easy to perform these scams is on the Internet. Globally, the methods used are the same as before the crisis, but currently, the word, Coronavirus, COVID-19,... inspire fear. Fear lowers the level of caution for a lot of people. The possibility that a phishing campaign works is greater now than a few months ago, for example.

Simulate user activity with the GHOSTS framework : Introduction

Offensive Security

When we want to test some detection algorithm we are developing, or we want to prepare a nice in-depth exercise for our students, we need to set up an ecosystem that closely resembles that of the real world. This can lead to some difficulties as in a real network we have multiple users, each with the own computer, surfing the net, working with files, or typing commands and sending requests to the network's centralized server. It could pose a big challenge to model this if we don't have a group of people available who we can task with sitting behind a computer and clicking on their mouse every so often to simulate real computer behaviour. There are tools available that help automate that, but in most cases they can be quite rudimentary.

Implement CRUD operations in Laravel, and automatic code generation

Laravel PHP

When working with model objects in Laravel, you will typically have to implement the CRUD operations: Create, Read, Update and Delete objects from the database. To support these operations you will need to write:

Man-In-The-Middle (MITM) with arpspoof

Offensive Security

In this post we show how to easily perform a L2 man-in-the-middle attack using arpspoof on a standard Ubuntu computer...

Mobile Device Security Training

Training Stay Home Offensive Security Mobile Device Security

On Wednesday 15 April 2020, we are organizing a special training session dedicated to Mobile Devices Security.

Decompile and modify an Android application

Mobile Device Security Secure Software Development

Usually, Android applications are written in Java (or, now, in Javascript) and compiled in a Dalvik bytecode (DEX file). Then, the bytecode is interpreted and executed by the Dalvik Virtual Machine.

This website uses cookies. More information about the use of cookies is available in the cookies policy.