Empire now has a new feature: plugins! These allow for a great deal of flexibility and customization if you’re willing to write a little bit of code, and this post is dedicated to helping you get the most out of this new way Empire can be customized to meet your needs.
One of the great underrated problems of OSINT is data overload. I don’t mean the fancy kind, the kind that requires graph databases and thousands of lines of code to solve - much more like “I think I read this on a website somewhere, but I can’t remember which one. I hope it hasn’t been taken down.”
Thankfully, there are ways to solve this - today we’re going to talk about a great free and open source tool that can help.
A lot of people ask me what they should do to get started in information security.
One of my first answers is to keep an eye on infosec news - not to try to stay on top of it all (honestly, that’s probably impossible at this point), but to keep an eye out for security news that piques your interest. It’s all about curiosity, and having breadth is critical - you can look up more information later, as long as you know what’s out there.
Nine times out of ten, I get a followup question - “well, ok then - what should I read?”
I’ve been busy lately writing a comprehensive 4-part series on steganography and error correcting codes on the Black Hills Information Security blog.
The step-by-step guide takes you from the fundamentals of steganography all the way through a full image steganography example. Not only that, but it also includes a steganography tool in Python for you to use - and explains it!
Intelligence collection is manual. It’s tedious. It takes forever.
But you don’t have to do it all on your own.
Using tools like recon-ng, you can automate your open source intelligence collection process - whether it’s for business intelligence or security reconnaissance. Find out how to use recon-ng in this quick tutorial video:
Infosec is a way of life.
I’m probably getting nods from half of the information security (infosec) industry after saying that, and a disgusted look from the other half. For better or for worse, security is more than just a job for a huge number of people. What this means for the field is a whole different blog post, but it does certainly mean one thing:
Breaking into the security industry is staggeringly difficult for beginners.
Today is an exciting landmark for Striker - our first invoice just went out!
Striker Security focuses on developing tools to support information security professionals by helping them grapple with the most difficult component of their work - acquisition, analysis, and application of mountains of data.
Our current work developing a system to geolocate attackers covers this entire spectrum - geolocation techniques, data collection, storage, and analysis, all the way through visualization, reporting and effective communication. The system is being developed for a small pentesting firm - stay tuned for its public release.
I’m incredibly excited to see where the road ahead takes us. If you would like to be part of the journey, get in touch or sign up for our mailing list below.
The idea here is to parse through the Metasploit Project’s available exploits to determine what the distribution of payload sizes is, with an eye to deciding whether that super cool stager idea you had the other day is worth pursuing.
If you’re familiar with the concepts of vulnerabilities, exploits, and stagers, go ahead and skip to the graphs below. Otherwise, read on:
In August of 2015, I had the incredible opportunity to present alongside two others at BSides Las Vegas on command and control (C2) and data exfiltration (or infiltration) over publicly available cloud services.
The talk covered sneaky-creeper, a framework for C2 and data exfiltration I’ve been working on with a small group of contributors.
We present an overview of the framework, and briefly brush on future work, but I’d like to go further with this post into where the framework stands.