Research
Security Onion pt II: Snort/Snorby Installation (Squert/Sguil too)
Once the Security Onion image is installed, not much is happening until you actually install the applications that Security Onion simplifies the installation of. The primary purpose, at least from [...]
Security Onion Introduction and Installation
We’ve all been there, either standing over a spare computer or staring at a virtual machine thinking, “I want to build an IDS” but not wanting to embark on the [...]
CallerID Spoofing
After taking a look at Pindrop Security, a startup focused on preventing phone fraud with a growing groundswell, I decided to take a little bit of a closer look [...]
Attributes of a Zero Dollar Malware Analysis System
Please note this environment is not meant to be a sandbox but rather an environment where one can conduct research on malware while most likely not executing the malware (unless [...]
Qualys Delivers Free Website Malware Scanning
It is difficult to argue that legitimate websites serving out malware has become a serious issue for security professionals. The profitability of scanning websites specifically for malware infections on the [...]
Metasploit Express Thoughts
Initial Metasploit Express Thoughts: On April 22, Rapid7, a leader in vulnerability management and the recent acquirer of Metasploit LLC, announced the release of a commercial Metasploit product labeled “Metasploit [...]
The Battle for My Home Network
In considering new topics for blog posts, I came to realize that it may be interesting to spend a few posts discussing aspects of my home network. While I do [...]
Playing with NeXpose and Metasploit
My thoughts on the Rapid7 acquisition of the Metasploit project aside, Rapid7 and HD Moore’s Metasploit team have been quick to produce an interesting integration between Rapid7’s NeXpose vulnerability [...]
Quick Look: Paterva Mesh
Summary: Mesh is a simple but powerful browser plugin that parses websites for useful information such as E-mail addresses, phone numbers, and other information. I won’t sit here and tell [...]
A Brief Analysis of Shodan
Shodan (http://shodan.surtri.com) is an engine that searches a database of banners and headers recovered from scans conducted over port 21/TCP, 22/TCP, 23/TCP, and 80/TCP. In many ways utilizing the Shodan [...]


