Blog

Explore the SAM hive with Regedit (and Sysinternals)

Windows Sysadmin Forensics

The Windows Registry is a kind of database that stores a lot of important configuration parameters for Windows and installed applications. The specific of this database is that the data is actually stored in different files called hives. One of these is the SAM (Security Account Manager) hive, which stores, among others, user passwords. Let's explore this hive a little..

Read
Install Sysinternals

Windows Sysadmin Forensics

Sysinternals is a collection of powerful utilities for Windows. They can be used by system administrators to perform local or remote system administration, and also by analysts to perform some forensics tasks. The tools were originally developed by Mark Russinovich, and are now maintained by Microsoft. Here is how to install them...

Read
Using TryHackMe Cyberrange for CSC Workshops

CSC HTB

For cyber security training, it's beneficial to create accounts on well-known cyberranges that offer both free and paid training:

Read
How to make your machine trust your self-signed certificates?

Linux Python OpenStack

If you ever tried to set up a web application on your local machine with a secure connection (using HTTPS), you likely generated self-signed TLS certificates. When you create your own self-signed certificate, or even when the application you're using generates the certificate itself, your operating system (OS) will likely not trust the certificate. Consequently, also your other applications will not trust the certificate.

Read
Onderzoeker cybersecurity & AI

Jobs News

Bij Cylab zijn we op zoek naar een voltijdse onderzoeker in het domein van cybersecurity met een masterdiploma cybersecurity, informatica, computerwetenschappen of equivalent. Iets voor jou? Lees vooral snel verder! Voor een eerste project, onder de noemer "AI for Cyber", is het de bedoeling om verschillende nieuwe technieken uit het domein van artificiële intelligentie (AI) te bestuderen, vergelijken en toe te passen bij de bescherming van onze systemen tegen cyberaanvallen.

Read
Chercheur en Cyberdéfense

Jobs News

Nous recrutons un chercheur en cyberdéfense, à temps plein, avec un Master en Cybersécurité, Informatique ou équivalent. Pour un premier project, nommé « AI for Cyber », nous planifions d’étudier et comparer les différentes/nouvelles techniques d’Intelligence Artificielle (IA), et de les appliquer dans la protection de nos équipements actifs contre les cyber attaques.

Read
Guessing the width of an image

Forensics

Interpreting a 1-D array of pixels is not possible by the human eye. And yet such data is available in several circumstances, like the dump of pixel arrays from RAM or disk, the availability of image files in RAW format (without the width) or when solving a Capture-The-Flag cybersecurity challenge with images.

Read
First steps with a graph database - using Python and ArangoDB

ArangoDB Graph database Network analysis and visualization Python

In this post we introduce the basics of a graph database and how to access it from Python. The database system used for storing and querying the data is ArangoDB, which was briefly described in a previous blog post. The Python driver of choice, as referenced in the official documentation, is Python-Arango; which can be accessed via its GitHub page.

Read
Quick introduction to ArangoDB, the multi-model database

Graph database ArangoDB JSON

You have heard of RDBMS, for Relational Database Management System, or may even intuitively associate the word "database" with a tabular representation of data that you can query using a language such as SQL. Depending on your technical affinity, or the scale of your problem, you would then turn to your tool of choice to store and access your data in a CSV text file, a spreadsheet, ... or table(s) inside a proper database. Ouch! Who says that one of those is better than another? And why even learn about anything else than a tabular model?

Read
EDA milCERT 2023

News Monitoring

This week we participated, with the colleagues from Cyber Command, in the milCERT exercise organized by the European Defence Agency (EDA). During this exercise the participating teams get tested in a task driven response & investigation activities on full-scale IT Infrastructure live fire environment.

Read
Testing an Image Format

Forensics

Image format testing is a necessary action for digital preservation to ensure that the data will be readable in the long term. It may also be part of the solution to detect image manipulation for cybersecurity defense or in Capture-The-Flag exercises.

Read
What is Situation Awareness?

Intrusion Detection Visual Analytics APT Detection

The constant stream of data produced daily, the complicated environment and the need for quick reaction to malicious attacks make the life of cyber defense analyst a living nightmare. Many wonder how are we supposed to be able to review the gigabytes of logs produced daily, how can we manage to analyze them all and extract valuable insight into what is happening in the network?

Read