Loki is a Indicators Of Compromise Scanner, based on 4 main methods (additional checks are available) and will present a report showing GREEN, YELLOW or RED result lines. The compiled scanner may be detected by antivirus engines. This is caused by the fact that the scanner is a compiled python script that implement some file […]
Archives for January 2016
Fortinet SSH Backdoor Found In Firewalls
So the Fortinet SSH Backdoor, apparently it’s just a management authentication issue. Sorry, what’s that? It looks like a passphrase based admin level access login via SSH to me personally. Which is scary. They are adamantly shouting from rooftops that it was not planted by a 3rd party (NSA? Like Juniper..) or any kind of […]
dnscat2 – DNS Tunnel Tool
This DNS tunnel tool named dnscat2 creates an encrypted tunnel over the DNS protocol primarily as a command-and-control (C&C) channel for penetration testers as outbound DNS is rarely blocked in networks. This makes it a very effective tunnel out of almost every network. Overview dnscat2 comes in two parts: the client and the server. The […]
FastIR Collector – Windows Incident Response Tool
FastIR Collector is Windows incident response tool that offers the possibility to extract classic artefacts such as memory dump, auto-started software, MFT, MBR, Scheduled tasks, Services and records the results in csv files. The tool can also perform smart acquisitions thanks to the filecatcher, certificate filtering or support of Yara rules. The first part of […]
A Look Back At 2015 – Tools & News Highlights
So here we are in 2016, yet still writing 2015 in our chequebooks (yah lolpls like anyone uses cheques any more). Following on from last year and our 2014 summary, here is our 2015 highlights post with interesting happenings over the past 12 months – including tools and news stories. 2015 News Stories The theme […]