Posts

Configuring Splunk forwarder in Windows machine

Configuring a forwarder on a Windows machine to forward the logs to Splunk in real time.

The Splunk universal forwarder is a free, dedicated version of Splunk Enterprise that contains only the essential components needed to forward data. TechSelect uses the universal forwarder to gather data from a variety of inputs and forward your machine data to Splunk indexers. The data is then available for searching.

REQUIREMENTS:
- WINDOWS OS
- SPLUNK FORWARDER

STEPS:
=> Configuring a forwarder on a Windows machine to forward the logs to Splunk in real time. PC1 = Windows 10. PC2 = virtual Windows machine.
=> Download the Splunk universal forwarder on PC2 and run the .msi file.
=> Click Customize Options and set the path for the Splunk forwarder.
=> Click OK.
=> No SSL certificate, so click Next.
=> ...

Malware analysis tools

Best malware analysis tools and their features.

Malware has become a huge threat to organizations across the globe. Something as simple as opening an email attachment can end up costing a company millions of dollars if the appropriate controls are not in place. Thankfully, there are a plethora of malware analysis tools to help curb these cyber threats.

When responding to a security incident involving malware, a digital forensics or research team will typically gather and analyze a sample to better understand its capabilities and guide their investigation. There are a number of tools that can help security analysts reverse engineer malware samples. The good news is that a few malware analysis tools are completely free and open source.

1. peStudio
This is an excellent tool for conducting an initial triage of a malware sample and allows me to quickly pull out any suspicious artifacts. Once a binary has been loaded it will quickly provide the user with hashes of the ma...

Information Gathering Tools – Ghost Eye

1. Tool Description
GhostEye is a Python3 based information gathering, footprinting, scanning, and reconnaissance tool. It collects information about the target and provides us with detailed information about our goals.

Options Provided:
• EtherApe – Graphical Network Monitor (root)
• DNS Lookup
• Whois Lookup
• Nmap Port Scan
• HTTP Header Grabber
• Clickjacking Test – X-Frame-Options Header
• Robots.txt Scanner
• Cloudflare Cookie scraper
• Link Grabber
• IP Location Finder
• ...