I have always wanted to use osquery and check out its capabilities so that I can understand how it can help me identify adversaries in my environment. But to do that, I first needed to understand how it all works. In this post I will be installing osquery and checking out its power and how it can assist me in protecting my environment. Follow the steps below to perform the installation of osqueryi in a virtual machine with the following:

Continue reading

I have used GitLab for quite a while as it gives me quite some flexibility and has some additional advantages over its competitor GitHub. I usually use public/private key authentication to push my code to the server, but after a fresh installation I saw the following error when trying to work with GitLab:

$ git clone git@gitlab.com:nuclearpasta/vehiclebooking.git
Cloning into 'vehiclebooking'...
git@gitlab.com: Permission denied (publickey).
fatal: Could not read from remote repository.
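"Permission denied (publickey)" is the server's answer when no key it recognises was offered, and on a fresh machine the reason is usually on the client side: no key generated yet, the key not loaded into the agent, or key-file permissions that make OpenSSH silently ignore the key ("Permissions 0644 for ... are too open. This private key will be ignored."). The script below is an added example, not code from the original post; it audits a local .ssh directory for those conditions before you touch the server. The directory and key name are parameters, the sample key used in testing is constructed, and it assumes a POSIX shell with GNU or BSD stat.

```shell
#!/bin/sh
# Added example (not from the original post): audit the local side of an
# SSH public-key setup that produces "Permission denied (publickey)".

# file_mode PATH -> octal permission bits (GNU stat first, BSD stat fallback)
file_mode() {
    stat -c %a "$1" 2>/dev/null || stat -f %Lp "$1"
}

# audit_ssh_key DIR KEYNAME
#   Prints findings; returns 0 when the key is usable by ssh, 1 otherwise.
audit_ssh_key() {
    dir=$1
    key=$2
    rc=0

    if [ ! -d "$dir" ]; then
        echo "FAIL: $dir does not exist (no key has been generated yet)"
        return 1
    fi

    mode=$(file_mode "$dir")
    case "$mode" in
        700) ;;
        *) echo "WARN: $dir is mode $mode, expected 700" ;;
    esac

    if [ ! -f "$dir/$key" ]; then
        echo "FAIL: private key $dir/$key is missing (run: ssh-keygen -t ed25519)"
        return 1
    fi

    mode=$(file_mode "$dir/$key")
    case "$mode" in
        600|400) ;;
        *) echo "FAIL: $dir/$key is mode $mode; ssh ignores private keys readable by others (chmod 600)"
           rc=1 ;;
    esac

    if ! head -n 1 "$dir/$key" | grep -q '^-----BEGIN '; then
        echo "FAIL: $dir/$key does not look like a private key file"
        rc=1
    fi

    if [ ! -f "$dir/$key.pub" ]; then
        echo "WARN: $dir/$key.pub is missing; recreate it with: ssh-keygen -y -f $dir/$key > $dir/$key.pub"
    fi

    return $rc
}

# Usage: AUDIT_SSH_DIR=$HOME/.ssh AUDIT_SSH_KEY=id_ed25519 sh audit.sh
# After the local checks pass, confirm what is actually offered to GitLab with:
#   ssh -vT git@gitlab.com      (look for "Offering public key" and "Authentication succeeded")
# and that the agent holds the key:   ssh-add -l
if [ -n "${AUDIT_SSH_DIR:-}" ]; then
    audit_ssh_key "$AUDIT_SSH_DIR" "${AUDIT_SSH_KEY:-id_ed25519}" || echo "fix the findings above, then add the .pub key to your GitLab profile"
fi
```

The permission check matters more than it looks: a key copied from a backup with mode 644 is skipped by ssh without any error in the normal (non-verbose) output, so the only symptom is exactly the GitLab message above.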

Continue reading

IntelMQ and ELK

In this blog I will show how to use IntelMQ and the ELK stack together so that the feed from IntelMQ can be pushed into ELK for analysis. I will not go into the architecture of either of them, as that is beyond the scope of this post. In the previous blog post I already illustrated how to install IntelMQ on an Ubuntu 20.04 system from source and how to use apt to download and install the packages.
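IntelMQ emits events as flat JSON with dotted, harmonised keys ("source.ip", "classification.type", "time.observation"), which is not what Elasticsearch mappings and Kibana want to see. The block below is an added example, not IntelMQ's own Elasticsearch output bot and not code from the original post: it prepares such events for the bulk API by expanding dotted keys into nested objects, decoding the "extra" field (assumed here to arrive as a JSON string) and mapping "time.observation" to "@timestamp". The index name and sample event are constructed.

```python
"""Added example (not IntelMQ's output bot): shape IntelMQ events for the
Elasticsearch _bulk API."""
import json
from typing import Any, Dict, Iterable, List


def unflatten(flat: Dict[str, Any]) -> Dict[str, Any]:
    """Expand dotted keys: {"source.ip": x} -> {"source": {"ip": x}}."""
    nested: Dict[str, Any] = {}
    for key, value in flat.items():
        node = nested
        parts = key.split(".")
        for part in parts[:-1]:
            node = node.setdefault(part, {})
        node[parts[-1]] = value
    return nested


def prepare_event(raw: Dict[str, Any]) -> Dict[str, Any]:
    """Normalise one IntelMQ event into an Elasticsearch document."""
    event = dict(raw)
    extra = event.pop("extra", None)
    if isinstance(extra, str):          # assumption: extra is serialised as a JSON string
        extra = json.loads(extra)
    if isinstance(extra, dict):
        for k, v in extra.items():
            event["extra." + k] = v     # becomes extra.<k> after unflattening
    timestamp = event.pop("time.observation", None)
    doc = unflatten(event)
    if timestamp is not None:
        doc["@timestamp"] = timestamp    # the field Kibana uses for its time filter
    return doc


def bulk_body(events: Iterable[Dict[str, Any]], index: str) -> str:
    """NDJSON body for POST /_bulk: one action line, then one document line per event."""
    lines: List[str] = []
    for raw in events:
        lines.append(json.dumps({"index": {"_index": index}}))
        lines.append(json.dumps(prepare_event(raw), sort_keys=True))
    return "\n".join(lines) + "\n"       # the bulk API requires a trailing newline


# Constructed sample event, not real feed data.
SAMPLE_EVENTS = [
    {
        "feed.name": "constructed-feed",
        "classification.type": "scanner",
        "source.ip": "192.0.2.10",
        "source.port": 22,
        "time.observation": "2021-10-01T12:00:00+00:00",
        "extra": "{\"tag\": \"ssh\"}",
    },
]

if __name__ == "__main__":
    # Pipe this into: curl -s -H 'Content-Type: application/x-ndjson' \
    #   -XPOST http://localhost:9200/_bulk --data-binary @-
    print(bulk_body(SAMPLE_EVENTS, "intelmq-2021.10"), end="")
```

Keeping the dotted-to-nested conversion in one place means the same document shape lands in the index whether the events come from IntelMQ's output bot, Logstash, or this script, which keeps index templates stable.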

Continue reading

Shadowserver API

In this blog we will use the API provided by Shadowserver to obtain information. We will use the official API to pull data from the Shadowserver systems. Previously this data was delivered via email, which is a manual process: IntelMQ can be configured to fetch the email from the mail server, take the attachment and delete the message. But from my perspective this is ineffective and not the proper way to do it.
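The reports API replaces the mailbox dance with signed HTTPS requests. The block below is an added example, not code from the original post and not IntelMQ's own Shadowserver collector: it builds and signs a request the way the public API documentation describes it, as a JSON body that carries the "apikey" field plus an "HMAC2" header holding the hex HMAC-SHA256 of those exact body bytes under the account secret. The base URL and method name are taken from that documentation as I recall it and should be verified against it; the credentials and parameters are constructed, and nothing is sent unless send() is called.

```python
"""Added example: build and sign a Shadowserver reports-API request offline."""
import hashlib
import hmac
import json
import urllib.request
from typing import Any, Dict

API_BASE = "https://transform.shadowserver.org/api2/"   # assumed from the public API docs


def build_body(apikey: str, params: Dict[str, Any]) -> bytes:
    """Serialise the request; the signature is computed over exactly these bytes."""
    payload = dict(params)
    payload["apikey"] = apikey
    return json.dumps(payload).encode("utf-8")


def sign_body(body: bytes, secret: str) -> str:
    """HMAC-SHA256 over the raw body, hex encoded, as carried in the HMAC2 header."""
    return hmac.new(secret.encode("utf-8"), body, hashlib.sha256).hexdigest()


def verify_signature(body: bytes, secret: str, received: str) -> bool:
    """How a receiver checks it: recompute and compare in constant time."""
    return hmac.compare_digest(sign_body(body, secret), received)


def build_request(method: str, apikey: str, secret: str,
                  params: Dict[str, Any]) -> urllib.request.Request:
    body = build_body(apikey, params)
    req = urllib.request.Request(API_BASE + method, data=body, method="POST")
    req.add_header("Content-Type", "application/json")
    req.add_header("HMAC2", sign_body(body, secret))
    return req


def signature_of(req: urllib.request.Request) -> str:
    return req.get_header("Hmac2", "")      # urllib stores header names capitalised


def parse_body(body: bytes) -> Dict[str, Any]:
    return json.loads(body.decode("utf-8"))


def send(req: urllib.request.Request, timeout: float = 30) -> Any:
    """Perform the call and decode the JSON reply (needs network and real credentials)."""
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.loads(resp.read().decode("utf-8"))


if __name__ == "__main__":
    # Constructed credentials; replace with the API key and secret from your
    # Shadowserver account and call send(r) to list the reports for that day.
    r = build_request("reports/list", "CONSTRUCTED-APIKEY", "constructed-secret",
                      {"date": "2021-10-01"})
    print(r.full_url, signature_of(r))
```

Two things bite in practice: the signature must be computed over the serialised bytes you actually send (re-serialising with different key order or whitespace invalidates it), and the secret never leaves your side, so treat it like a password and keep it out of the IntelMQ runtime configuration that gets committed to version control.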

Continue reading

In this post we will be installing IntelMQ, the IntelMQ API and IntelMQ Manager, following the original guide provided by the developers. A point to note: I initially tried to install the software in an LXC container, but unfortunately I failed to install the system on that platform; after a couple of tries I found that it was quite impossible to install and bring the system up there.

Continue reading

coreboot application

For an official purpose, I had to build a basic application. But it was not a normal application: it had to be a BIOS application. I can code in C/C++ to some extent, but I did not know how to do it for a BIOS. So after many hours, I understood that the easiest way to run it is described below. Please note that some basics have already been configured as described in the coreboot documentation.

Continue reading

In this post we will try to understand memory in more depth. From here we will be able to tweak some parameters and learn more about how we can assign values to memory we have allocated, and then access them through a pointer and dereference it. If we look into the code below, we can see that we have mapped a memory location at 0x404000 and called it my memory.
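The following is an added example, not the post's own code: it maps a page using 0x404000 as the address hint, stores values through a pointer, and reads them back by dereferencing. Two points a practitioner should see here: the hint is not MAP_FIXED, so the kernel may place the page elsewhere (for example when 0x404000 already belongs to the binary's own segments) and every access therefore goes through the pointer mmap returned, and the index is bounds-checked against the mapped size before any write, because writing past the page is exactly the kind of out-of-bounds access that memory-corruption bugs are made of. The hint, size and word index are assumptions for illustration; it is Linux/POSIX only.

```c
/* Added example (not from the original post): map, write through a pointer,
   read back by dereferencing, with a bounds check on the index. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE
#endif
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>

#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS 0x20   /* Linux value; fallback for strict feature-test modes */
#endif

#define MY_MEMORY_HINT  ((void *)0x404000UL)          /* address used in the post */
#define MY_MEMORY_SIZE  4096UL                        /* one page */
#define MY_MEMORY_WORDS (MY_MEMORY_SIZE / sizeof(uint32_t))

/* Ask for an anonymous, writable page near the hint. Returns NULL on failure. */
static uint32_t *map_my_memory(void)
{
    void *p = mmap(MY_MEMORY_HINT, MY_MEMORY_SIZE, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return (p == MAP_FAILED) ? NULL : (uint32_t *)p;
}

static int unmap_my_memory(uint32_t *mem)
{
    return munmap(mem, MY_MEMORY_SIZE);
}

/* Store value at word index idx, then read it back through pointer arithmetic
   and a dereference. Returns -1 and touches nothing if idx is outside the page. */
static int write_then_read(uint32_t *mem, size_t idx, uint32_t value, uint32_t *out)
{
    if (mem == NULL || idx >= MY_MEMORY_WORDS)
        return -1;                 /* bounds check before any memory access */
    *(mem + idx) = value;          /* same as mem[idx] = value */
    *out = *(mem + idx);           /* dereference the computed address */
    return 0;
}

/* Full round trip: map, write at word 7, read back, unmap.
   Returns the value read back, or 0 if any step failed (so pass a non-zero value). */
static uint32_t demo_roundtrip(uint32_t value)
{
    uint32_t *mem = map_my_memory();
    uint32_t got = 0;
    if (mem == NULL)
        return 0;
    if (write_then_read(mem, 7, value, &got) != 0)
        got = 0;
    if (unmap_my_memory(mem) != 0)
        got = 0;
    return got;
}

/* Returns 1 if an index one past the end of the page is rejected, 0 otherwise. */
static int demo_bounds_rejected(void)
{
    uint32_t *mem = map_my_memory();
    uint32_t got = 0;
    int rejected;
    if (mem == NULL)
        return 0;
    rejected = (write_then_read(mem, MY_MEMORY_WORDS, 1, &got) == -1);
    unmap_my_memory(mem);
    return rejected;
}

int main(void)
{
    uint32_t *mem = map_my_memory();
    if (mem == NULL) {
        perror("mmap");
        return 1;
    }
    printf("requested %p, got %p%s\n", MY_MEMORY_HINT, (void *)mem,
           ((void *)mem == MY_MEMORY_HINT) ? "" : " (kernel moved the hint)");
    unmap_my_memory(mem);
    printf("read back 0x%08x, out-of-range index rejected: %d\n",
           demo_roundtrip(0xdeadbeefu), demo_bounds_rejected());
    return 0;
}
```

Run it once as a PIE and once with -no-pie and compare the two "got" addresses: the non-PIE build usually has its own data near 0x404000, so the kernel moves the page, which is why code should never hard-wire the hint as the real address.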

Continue reading

rezaur rahman

just thinking out loud to help others

cybersecurity researcher

Mars