
Laskowski-Tech


Category: network

All you need to do is mess up once they say…

Posted on October 15, 2018 by admin

Or how your server gets used in a reflective DDOS, an anecdote… So many platitudes in the infosec community go: As a defender you need to be right 100% of the time, the attacker only needs to get it right


Posted in monitoring, network, web server

Malware infrastructure breakdown

Posted on October 12, 2018 by admin

Investigating a malicious email the other day, I came across a bit of a more widely deployed infrastructure than what I tend to see in day-to-day malspam campaigns. We received a single email that linked to a site at the IP


Posted in analysis, malware, network

Setting up a Honeypot using Opencanary

Posted on December 19, 2017 (updated December 20, 2017) by admin

One of the biggest issues in many organizations is the lack of detection capabilities for lateral movement. We all know the breach will happen at some point, but the real question is: will you know when it happens? Most data we have is


Posted in monitoring, network

Acme plugin on pfSense, add Let’s Encrypt Cert to your firewall!

Posted on December 4, 2017 (updated April 30, 2018) by admin

So last week I was looking to see what packages had updated for pfSense 2.4, and right at the top of the list I see one named Acme. Hmmm, what could this be? Well, to my pleasant surprise pfSense is now compatible


Posted in network, pfsense

DNSBL on pfSense Tutorial

Posted on November 28, 2017 (updated January 9, 2018) by admin

So much malware today is distributed by phishing sites and malicious sites. Many of these are tracked by various outfits and they offer a great resource in the form of threat feeds. One of my favorite methods to take advantage of


Posted in malware, network, pfsense

WPA2 vulnerability, yet another reason to VPN all the things

Posted on October 17, 2017 (updated January 9, 2018) by admin

So today key reinstallation attacks (KRACKs) came out, providing a reliable method to crack the highest available method to safeguard both home and enterprise networks. The good news: it can be patched! The bad news: you will never know if everything is


Posted in network

Information Security Podcasts

Posted on September 30, 2017 (updated January 9, 2018) by admin

In learning the craft of Infosec I find one of the best ways to stay on top of and get good context into the goings-on in the industry is podcasts. Some will teach, others will inform, and some are just damn fun


Posted in network

pfSense and Graylog for NetFlow collection and Analysis

Posted on September 20, 2017 (updated January 9, 2018) by admin

Hello, I love Network and Infosec, but my current role doesn’t get me too hands-on in the two, so at home I’ve deployed a pfSense router, a powerful free and open source network operating system, and Graylog, a free and open source


Posted in logging, network, pfsense
