Blog

EDA milCERT 2023

News Monitoring

This week we participated, with colleagues from Cyber Command, in the milCERT exercise organized by the European Defence Agency (EDA). During this exercise, the participating teams are tested in task-driven response and investigation activities in a full-scale, live-fire IT infrastructure environment.

Testing an Image Format

Forensics

Image format testing is a necessary action for digital preservation to ensure that the data will be readable in the long term. It may also be part of the solution to detect image manipulation for cybersecurity defense or in Capture-The-Flag exercises.

What is Situation Awareness?

Intrusion Detection Visual Analytics APT Detection

The constant stream of data produced daily, the complicated environment and the need for quick reaction to malicious attacks make the life of a cyber defense analyst a living nightmare. Many wonder how we are supposed to review the gigabytes of logs produced daily, and how we can manage to analyze them all and extract valuable insight into what is happening in the network.

Happy birthday to us!

News

The creation of the Cyber Defence Lab was an incremental process. So it's hard to define a precise birth date. There is actually only one date that can be seen as our birth date: the day we registered our domain name cylab.be. And that was on 21 October 2016. So we turn 7. Happy birthday to us!

How to analyse HTTPS traffic with mitmproxy transparent mode

Linux Reverse Engineering

Have you ever wanted to analyze the traffic of a specific application, only to find that this traffic is encrypted using TLS? You start Wireshark and then stumble upon this very annoying display where you only see encrypted TLS traffic.

Complicated and Complex Systems - Brief Introduction

Teaching Visual Analytics

We are often confronted by a difficult problem: the lack of understanding of our environment, be that our community, organization or computer network. This originates from the structure of such systems: a finite number of autonomous parts, which interact constantly with each other and produce unexpected results. Because of this inherent complexity, such systems are aptly named "Complex Systems". There is still some confusion in differentiating Complex Systems from Complicated Systems, and in this blog we will try to give a quick overview of each.

Install Eric Zimmerman's forensics toolkit

Forensics Windows

Eric Zimmerman has written a collection of powerful forensics analysis tools. The installation process requires some work, but here is a step-by-step guide to install the tools on a Windows 11 computer.

How to use mattermost golang driver

golang

If you have already tried to develop a bot in golang for Mattermost, you have probably already found the documentation page for the API.

We welcome the Hungarian Cybersecurity Roadshow delegation

News

This Wednesday we welcomed the Hungarian Cybersecurity Roadshow delegation. The Cybersecurity Roadshow delegation is composed of representatives of 14 Hungarian governmental actors, companies and R&D institutions which are active in the cyber defence sector. For 4 days, they are traveling around Europe to meet their peers.

SIFT workstation : fix rip.pl error 'Global symbol "$plugindir" requires explicit package name'

Forensics

If you are using the current version of the SIFT workstation, the installed version of RegRipper has a bug that shows the following error message: 'Global symbol "$plugindir" requires explicit package name'. Luckily this bug is easy to fix. Here is how...

Continuous Deployment with GitLab and docker-compose

GitLab Docker DevOps

In this blog post we will show how to implement continuous deployment with GitLab and docker compose. More precisely, we will show how to use a gitlab-ci pipeline to:

Building Your Bash Toolkit: Simplifying Key-Value Extractions with `extract_value`

CSC bash Tools Bash-Toolkit

In our previous post of the Building Your Bash Toolkit series, we delved deep into the `process_args` function, a utility that enables our bash scripts to handle both piped and direct inputs effortlessly. With that power in hand, we are set to further simplify some of the common bash scripting tasks.
