Latest Posts

Is cryptocurrency market manipulation possible via social media?

With the surge in cryptocurrencies there has been speculation of market manipulations. I was interested to see if such manipulations (or attempts) could be tracked via Twitter...

Extracting a user's mapped network shares

During a recent investigation I came across a process communicating with a mapped network share...

BitScout - Remote incident response and digital forensics toolkit

BitScout is a live CD/USB bootable image that enables incident responders to remotely triage systems whilst maintaining data integrity...

Logstash prune filter with json data

When importing JSON data structures into Logstash you can run into some troubles using the logstash-filter-prune plugin...

Open Source Intelligence and Stock Market correlations

Can insight into the stock market be gained by using Open Source Intelligence to track company stock levels? A failed experiment but interesting concept...

Actor name generator - Threat Roulette

For all those threat intelligence folk that need attribution with a hip actor name...

Multizone - a utility for working in multiple time zones

Working in multiple time zones can be difficult. I required a utility that would allow me at a glance to see the current date and time of a zone. Multizone is a simple bash script to fulfil this requirement...

Logstash slow start-up times and exhausting entropy

I spent the better part of two hours debugging a non-responsive Logstash instance. Turns out it was just slow and /dev/random was the culprit...

Kiwicon X - the closing

In November 2016 I attended Kiwicon X, the 10th iteration of New Zealand's premier security conference. With a 6.3 magnitude earthquake and electromagnetic guns it was sure an interesting time...