-
How To: Using Tor From The Command Line
2017-11-20
If you're going to be doing work in the “dark web”, it'll be useful to understand how to quickly and easily run commands via Tor. First, assuming you're using Linux, install Tor:
    sudo apt install tor
Next, edit /etc/tor/torrc:
    sudo vi /etc/tor/torrc
Find the line containing the following:
    #ControlPort 9051
…and uncomment it. Next, find the following line:
    #CookieAuthentication 1
Uncomment it, and change 1 to 0. Finally, restart the tor service:…
-
Amazon AWS Insecure S3 Buckets Redux
2017-11-20
In a previous post, I discussed the problems with insecure Amazon AWS S3 buckets, and introduced a simple Python program to hunt for them. Since that time about two months ago, there have been numerous other breaches, including DoD's CENTCOM and its social media spying program OUTPOST. So, I've updated the code in the GitHub repository above to do slightly more thorough scanning, including patterns matching the bucket names used in recent breaches.…
-
DIY Threat Intel: Mining Spam For Malware
2017-11-15
If you use email, you already have a wonderful resource available to you for doing some quick and dirty threat intelligence work: your spam folder. Every day, people receive anywhere from dozens to hundreds of spam emails, ranging from plain vanilla unsolicited emails, to unwanted content, to phishing attempts and malware. There's a wealth of information to be mined from your spam folder. Right now, we'll focus on extracting URLs and attachments from your spam emails and automatically analyzing them.…