Article index

Security research and technical write-ups


Author: Julian Fort
Coverage: IR, DFIR, malware, networks, Apple
Article index: separately written technical write-ups

Available articles


Apple security: Apple Mac OSX Security attributes. Aspects of the OSX environment that are of interest to security practitioners.
Command and control: Sliver C2 framework Apple Mac implant. Setting up the open-source Sliver C2 framework to control MacBooks via an implant.
Malware analysis: Trickbot Forensic Analysis. Analysis and write-up of the Trickbot malware framework.
Digital forensics: Forensics Volatility, Reg Ripper and timelines. Digital forensics with the Volatility framework and RegRipper.
Incident response: Incident Response Triage. The incident response lifecycle, with triage and analysis fully explained.
Monitoring: Elasticsearch ELK and packetbeats integration with BRO. An Elastic Stack deployment built on Bro logging, described in detail.
Windows logging: Windows Event Forwarding WEF centralisation. Windows Server WEF configuration explained in one piece.
Crypto-jacking: Monero Cryptojacking. A detailed breakdown of Monero mining and crypto-jacking.
Intrusion detection: Suricata rule writing. Setting up Suricata and writing test rules before implementing production IDS rules.
Network telemetry: BRO IDS setup and usage. Bro (now Zeek) logging on a SPAN port network setup explained.
Visualisation: Malware Globe. An implementation of the Encom globe to display GeoIP data from C&C intelligence.
Architecture: Network Segmentation. A summary of the benefits of LAN network segmentation.
Vulnerability research: SIET Cisco Smart Install Vulnerability. A breakdown of the Cisco Smart Install (VSTACK) vulnerability and its exploitation.
Recon: Shodan search toolset explained. Shodan dorks explained and listed.
Conference notes: Threat Intelligence Summit 2018. A rundown of the presentations and talks from a 2018 summit.
Networking: RPF / Access list / IP spoofing prevention. Notes on reverse path forwarding, access lists and IP spoofing prevention.
Timeline analysis: Supertimelining. E01 image investigation and supertimeline creation with KAPE.