Posts

Showing posts from November, 2016

Some malware analysis sandboxes

REMnux: A Linux Toolkit for Reverse-Engineering and Analyzing Malware
https://remnux.org/

SANS Investigative Forensic Toolkit (SIFT) Workstation Version 3
http://digital-forensics.sans.org/community/downloads

DRAKVUF: a virtualization-based, agentless, black-box binary analysis system. DRAKVUF allows for in-depth execution tracing of arbitrary binaries (including operating systems), all without having to install any special software within the virtual machine used for analysis.
https://github.com/appcoreopc/drakvuf
https://drakvuf.com/

Caine
http://www.caine-live.net/page5/page5.html

DEFT Linux
http://www.deftlinux.net/

PlainSight
http://www.plainsight.info/download.html

Helix3
http://www.e-fense.com/products.php

Paladin Forensic Suite (commercial)
https://sumuri.com/software/paladin/

How do you get the Linux version you're working on?

Believe it or not, this does the trick. It's that easy. :)

cat /etc/*release

Resource interpreted as Stylesheet but transferred with MIME type text/plain

Getting the error "Resource interpreted as Stylesheet but transferred with MIME type text/plain"?

Solution: ensure that IIS is enabled to serve "Static Content". Go to "Turn Windows features on or off" and look for Static Content. Once you have installed it, you're ready to go.

MSSQL - Recovering user account when you accidentally delete relevant login account

I had the good experience of removing a local domain account (Windows-authenticated user) from my MSSQL database and, you guessed it, I was not able to log in at all using Windows-authenticated users. Instead of reinstalling my database, here's what I did:

a) Stop the "SQL Server (MSSQLSERVER)" service.
b) net start mssqlserver /m
c) Fire up SQL Management Studio and log in using Windows Authentication.
d) Perform the recovery process, whereby you add the relevant user accounts here.
e) Restart your MSSQL server service and log in.

That's it.
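
Steps a) to e) as a single script, as an added example that is not part of the original post. It assumes a default instance, an elevated PowerShell session run by a member of the local Administrators group, and sqlcmd on the PATH. It uses sqlcmd in place of Management Studio for steps c) and d), and `CONTOSO\dbadmin` is a placeholder account name.

```powershell
# Added example, not from the original post. Run elevated as a local administrator.
$service = 'MSSQLSERVER'        # default instance, as in the post
$server  = '.'                  # local default instance
$login   = 'CONTOSO\dbadmin'    # placeholder: the Windows account to restore

# T-SQL for step d): recreate the login if it is missing, grant sysadmin, and
# report the result while still in single-user mode.
# ALTER SERVER ROLE ... ADD MEMBER needs SQL Server 2012 or later.
$tsql = "IF NOT EXISTS (SELECT 1 FROM sys.server_principals WHERE name = N'$login') " +
        "CREATE LOGIN [$login] FROM WINDOWS; " +
        "ALTER SERVER ROLE sysadmin ADD MEMBER [$login]; " +
        "SELECT IS_SRVROLEMEMBER('sysadmin', N'$login') AS is_sysadmin;"

# a) Stop the instance. -Force also stops dependent services such as
#    SQL Server Agent, which would otherwise compete for the single connection.
Stop-Service -Name $service -Force

try {
    # b) Start the instance in single-user mode.
    net start $service /m
    if ($LASTEXITCODE -ne 0) { throw "net start /m failed ($LASTEXITCODE)" }

    # c) + d) Connect with Windows authentication (-E) and add the account.
    #    -b makes sqlcmd return a non-zero exit code on a T-SQL error.
    sqlcmd -E -S $server -b -Q $tsql
    if ($LASTEXITCODE -ne 0) { throw "sqlcmd failed ($LASTEXITCODE)" }
}
finally {
    # e) Always return the instance to normal multi-user mode, even on failure.
    #    Dependent services stopped in step a) are not restarted here.
    Stop-Service -Name $service -Force
    Start-Service -Name $service
}
```

The procedure works because, in single-user mode, any member of the local Administrators group connects as sysadmin, so local administrator rights on the database host should be treated as equivalent to sysadmin. The SQL Server error log records the startup parameters, so a start with `-m` can be reviewed afterwards.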