The GHOSTS Framework is an open-source project created by Dustin Updyke, a cybersecurity researcher from the Carnegie Mellon University. It's a framework which offers a way to simulate user activity, usually for cyber awareness trainings or research in the field of cyber defense.
Read moreToday we released version 1.1.0 of the cyrange Cyber Range platform. This version brings an important new feature : scenarios. A scenario allows to define a large scale exercise, involving multiple virtual machines, that can be interconnected using a complex network. Moreover, to run the exercise, the cyrange platform will deploy a copy of each defined VM for each trainee. Let's see how...
Read moreDefining cyber attacks is a difficult task. They vary in origins, goals and, at first glance, the techniques used might seem very different. Luckily a popular model was defined by Lockheed Martin, still used to this day, which illustrates very well the lifecycle of a typical cyber attack. The Cyber Kill Chain, popular but controversial, defines the 7 principal steps of an attack. There have been many advances, since its original conception, one of which is the wildly acclaimed ATT&CK Matrix for Enterprise.
Read moreDNS is a real corner stone of privacy and security on the Internet! From the security point of view, DNS is used by your machine to link a domain name to an IP address. DNS is also used to find the email server of a recipient (using MX records). On a desktop computer, DNS is used by email clients to perform auto-configuration. Over the Internet, DNS records are used to prevent BGP hijacking (using RPKI). The list is long! From the privacy point of view, the DNS queries sent by your computer offer a clear view of the services you use.
Read moreWhen developing a web application with Laravel, you will usually have to deal with different users, that have different permissions. If the application is quite simple, with only 2 types of users (administrators that are almighty and regular users that have no permission) you can use a middleware to protect your administrator's area. In this blog post we look at Laravel policies, that allow fine-grain control of user actions.
Read moreRecording the DNS queries perform by devices on your network is a simple and efficient way of monitoring your network. In this blog post we show how to configure the bind DNS server to log these...
Read moreYesterday we organized the 2nd session of our cyber security evening. This series of events is a collaboration between the Royal Military Academy and MolenGeek. It aims to contribute to the preparation of the future generation of cyber specialists.
Read moreDon't remember all the command line tools or which parameters go where? At some point getting lost in all these terminal screens running different algorithms one after the other? Let CyberChef prepare and cook all this for you!
Read moreFor years, hackers have been the main characters of movies, books and generally have captured the imagination of regular folks. When we see these hackers use the tools of their trade, we usually see a black screen with green text flashing as fast as possible on the screen, lost in commands and bright flashing lights. This can't be any further from reality, as most hackers will spend hours and days on end to accomplish their tasks, usually staring at a screen, using their programs of choice.
Read moreNo. Setting HTTPS is not enough to ensure that your cookies are encrypted. But Laravel proposes some very simple ways to achieve that.
Read more