Sometimes when using a web application you may encounter a special URL that does not start with http or https, like ssh://192.168.0.123 for example. On a mobile device, your phone will usually open the appropriate application to handle this URL. Here is how to achieve the same on a Linux computer.
This second blog post gives an overview of P4 programming by illustrating some of the key concepts found in most P4 programs, from header declaration to packet deparsing.
We have released version 2.0.0 of our Multi-Agent Ranking Framework Python client!
Programming Protocol-independent Packet Processors (P4) is a domain-specific language for network devices, specifying how data plane devices (switches, NICs, routers, filters, etc.) process packets. P4 programs are designed to be implementation-independent: they can be compiled against many different types of execution machines such as general-purpose CPUs, FPGAs, system(s)-on-chip, network processors, and ASICs.
Velociraptor is a digital forensic and incident response tool that allows you to collect information on multiple endpoints at once, and easily analyze the collected data using Notebooks and a query language (called Velociraptor Query Language, VQL), which is very similar to SQL. This makes Velociraptor a valuable tool for threat hunting over a large network.
The Windows Registry is a kind of database that stores a lot of important configuration parameters for Windows and installed applications. A particularity of this database is that the data is actually stored in different files called hives. One of these is the SAM (Security Account Manager) hive, which stores, among others, user passwords. Let's explore this hive a little...
Sysinternals is a collection of powerful utilities for Windows. They can be used by system administrators to perform local or remote system administration, and also by analysts to perform some forensic tasks. The tools were originally developed by Mark Russinovich, and are now maintained by Microsoft. Here is how to install them...
For cyber security training, it's beneficial to create accounts on well-known cyberranges that offer both free and paid training:
If you ever tried to set up a web application on your local machine with a secure connection (using HTTPS), you likely generated self-signed TLS certificates. When you create your own self-signed certificate, or even when the application you're using generates the certificate itself, your operating system (OS) will likely not trust the certificate. Consequently, your other applications will not trust the certificate either.
The human eye cannot interpret a 1-D array of pixels. And yet such data is available in several circumstances, like the dump of pixel arrays from RAM or disk, the availability of image files in RAW format (without the width) or when solving a Capture-The-Flag cybersecurity challenge with images.
ArangoDB Graph database Network analysis and visualization Python
In this post we introduce the basics of a graph database and how to access it from Python. The database system used for storing and querying the data is ArangoDB, which was briefly described in a previous blog post. The Python driver of choice, as referenced in the official documentation, is Python-Arango, which can be accessed via its GitHub page.
You have heard of RDBMS, for Relational Database Management System, or may even intuitively associate the word "database" with a tabular representation of data that you can query using a language such as SQL. Depending on your technical affinity, or the scale of your problem, you would then turn to your tool of choice to store and access your data in a CSV text file, a spreadsheet, ... or table(s) inside a proper database. Ouch! Who says that one of those is better than another? And why even learn about anything other than a tabular model?