To learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned.

Blogs

Vagrant configuration for Thug honeyclient

Vagrant and Docker are wonderful tools that enable security practitioners to easily dive into the DevOps world and use them for InfoSec projects. Continuing from the previous blog post Thug in 5 minutes, here is a Vagrant configuration to set up the Thug honeyclient.

Global Glastopf statistics for May 2014

During the month of May the following information was obtained from Glastopf installations worldwide:

Number of alerts for the period: 1859863

Filenames (RFI) - 10 most popular during the period:

Hash: Hits:
48101bbdd897877cc62b8704a293a436 2425
4997ed27142837860014e946eed96124 2050
d070c4cccf556b9da81da1e2de3cba54 644
3cc11c8fa7e3e36f0164bdcae9de78ec 330

Global Glastopf statistics for April 2014

During the month of April the following information was obtained from Glastopf installations worldwide:

Number of alerts for the period: 1325919

Filenames (RFI) - 10 most common during the period:

Hash: Hits:
F8a4da2e35b840891335d90cb48a6660
b8cbfe520d4c2d8961de557ae7211cd2 1072
3cc11c8fa7e3e36f0164bdcae9de78ec 998
7de0bcb903eaba7881c6d03a8c7769a8 682

Thug 0.5 and KYT paper

Thug 0.4.0 was released on June 8th, 2012 and a huge number of really important features were added since then. During the last two years I had a lot of fun thinking and designing the future of the project and I'm really proud of what Thug is now. I have to thank a lot of persons who contributed with their suggestions, ideas, bug reports and sometimes patches. You know who you are. Really thanks!

Released peepdf v0.3

After some time without releasing any new version, here is peepdf v0.3. It is not that I was not working on the project, but since the option to update the tool from the command line was released, creating new versions became a secondary task.

Thug in 5 minutes

Ever wanted to run up a quick instance of Thug on a couple of malicious web sites or try it out but lacked the sys op knowledge or time to install it? Here is the opportunity. Thanks to Docker you can run Thug up in a matter of minutes. Jose Nazario and I have created two Docker images which are in the Docker Hub ready to run.

So this is how to do it:

EXTRA workshop news!

Well folks, just a few days and the workshops will kick off! Registrants, please remember to bring your printed tickets!
The on-line registration was closed on May 8th and tickets are almost sold out. Just a few tickets are left for on-site registration. No promises, but if you are in the area, check it out!

New release Thug version 0.4.37!

With the release of version 0.4.37 the honeyclient Thug also supports APK analysis. This feature is made possible through Androguard (https://code.google.com/p/androguard/)! Grab your copy at https://github.com/buffer/thug or update your code with git pull!

Only three tickets left for botnet mitigation training!

So if you want to attend you better act fast. For more information and registration visit http://warsaw2014.honeynet.org/trainings.html#training1
