by frank | Mar 25, 2020 | Palo Alto, Security
Reading Time: 3 minutes My first installation was done by downloading the OVA and not by installing the Linux package. 1st issue encountered: in the welcome example they propose to do a !whois domainname in the dBOT. Well, if you haven’t configured the integrations...
by frank | Mar 22, 2020 | Misc, Security, Vmware
Reading Time: < 1 minute I was re-installing the tools on a fresh new copy of Ubuntu Server 19.10, and I didn’t manage to get it working. I’ve followed this guide, which isn’t too bad:...
by frank | Mar 6, 2020 | Blue Team, Red team, Security, Windows
Reading Time: < 1 minute A lot of persistence methods can be found and detected by Autoruns from SysInternals (also linked to VirusTotal). A lesser-known and less detectable persistence method is the KeePass config file. This is automated via the tool released...
by frank | Jan 27, 2020 | Blue Team, Red team, Security, Windows
Reading Time: < 1 minute There are a few known ways. The easiest 1st method is to listen to LLMNR broadcasts. By using Responder, our device will pose as the target and the victim will send its creds to us as we are acting as MITM (Man in the Middle). Same...
by frank | Dec 31, 2019 | Palo Alto, Privacy, Security
Reading Time: < 1 minute On Friday the 20th of December 2019 we realized that, for a customer, the files that were analyzed by the WildFire of Palo Alto Networks via the TMS in Europe were using the WildFire engine based in the US! I raised a ticket, and with the...
by frank | Dec 19, 2019 | Misc, Palo Alto, Privacy, Security
Reading Time: < 1 minute To set WildFire not to send to the American Global WildFire: in PAN-OS, go to Device > Setup > WildFire and edit the value to eu.wildfire.paloaltonetworks.com. If you want less security because there is a requirement that no data is...