Skip to content

Laskowski-Tech

  • Home
  • Projects
    • Calamity – Malware Triage from Memory Dumps
    • LW-yara Malware signature database
    • Minerchk – malicous crypto-mining detection
    • Blazescan – Linux Webserver Malware scanner and DFIR toolset
    • Drupal Check CVE 2018-7600
  • Resources
    • pfSense
    • Securing WordPress
    • Web Server Malware Investigating
  • Articles
  • CV
  • Contact

Category: pfsense

Snort rule generator and updated Monero Miner Rules

Posted on February 5, 2018February 5, 2018 by admin

So this morning I was wanting to update the original snort crypto miner rules to my minerchk tools. I thought it would be nice to create detection based on all of the domain and IP addresses that I’ve uncovered using the infection

Read More

Posted in cryptomining, logging, pfsense

Acme plugin on pfSense, add Let’s Encrypt Cert to your firewall!

Posted on December 4, 2017April 30, 2018 by admin

So last week I was looking to see what packages had updated for pfSense 2.4. And right at the top of the list I see one named Acme. Hmmm what could this be, well to my pleasant surprise pfSense is now compatible

Read More

Posted in network, pfsense

DNSBL on pfSense Tutorial

Posted on November 28, 2017January 9, 2018 by admin

So many malware today is now distributed by phishing sites and malicious sites. Many of these are tracked by various outfits and they offer a great resource in the form of threat feeds. One of my favorite methods to take advantage of

Read More

Posted in malware, network, pfsense

pfSense and Graylog for NetFlow collection and Analysis

Posted on September 20, 2017January 9, 2018 by admin

Hello, I love Network and Infosec, but my current role doesn’t get me too hands on in the two so at home I’ve deployed pfSense router, a powerful free and open source network operating system, and Graylog a free and open source

Read More

Posted in logging, network, pfsense

Recent Articles

  • Opnsense and SSL decryption using sslsplit
  • TIL: How to Unpatch Office and get that sweet execution
  • Breakout Time: Trickbot edition (Gtags QWE, lib693, tt0002)
  • Remco’s RAT, AMSI killing in the wild and defender evasion.
  • Definitely Racoon this time!
  • OSTAP: Maldocs, with a sprinkle of Jscript
  • What is this? Bad for sure! Racoon Stealer, maybe?
  • Is That Really Your AV Company? (Trickbot gtag mor85)
  • .Club Phish
  • Emotet’s away but Trickbot still wants to play

Categories

All rights reserved © Laskowski-Tech Powered by WordPress Theme by Mina Themes