
Things I Do to Investigate Beacons

I’m coming to you today because I published a new tool. I recently set up Corelight@Home to test it out, and have Rita installed alongside it. It’s a pretty cool combo and took very little time to set up. But I found myself spending a lot of time looking up the results that showed up in Rita, and I figured I could automate some of that process. The result is UnknownBeacons.

I'm Not Using VMWare Anymore...

It’s true. I’m not using VMWare anymore. It was a bittersweet journey, but alas, all things come to an end. I originally switched to VMWare from VirtualBox because I couldn’t get VirtualBox to open any Windows machines. That was an absolute deal-breaker. I needed to find a solution to running a Windows VM, and because I have a Linux host I wasn’t going to use Hyper-V, so I figured I’d give VMWare a shot.

I Don't Remember INetSim Being This Complicated

I mentioned in my post from last week that I’m migrating over to VMWare from VirtualBox due to a weird issue with getting Windows VMs running. Since I finally figured out how to get VMWare actually installed, I started recreating my malware lab. After getting my REMnux box set up and spending the three fucking hours it took to set up FlareVM, I followed the instructions from HuskyHacks for setting up INetSim.