Unsorted Stuff

Brain Dump

2020-January

A Very Long Good Bye “I didn’t have time to write a short letter, so I wrote a long one instead.” ― Mark Twain Good news, everyone! A new issue of my very irregular (not-so-much-about-security-now) newsletter is out! My original idea of publishing this every quarter (or so) was clearly too optimistic, as you can see. Which leads to a huge problem – there’s a load of links and texts I’d like to share with you, and the length of the text could be demotivating, I know.

2018-November

Long time, no see… It’s been a while since I shared any news from the outer world. Doesn’t necessarily mean I stopped reading or caring about the world or you, it just was a difficult year for me. But it’s time to restart this activity, hopefully with more feedback this time! :) Before we really start, I’d like to thank Shawn McGhee and Marek Kumpost for their suggestions, corrections and help with this.

Secure Home Network Subnet Definitions Let’s start with some subnet definitions: VPN subnet For individual users B2B (or rather Home-2-Home) networks will use individual subnets. WiFi guest kids main Docker/VMs For any kind of VMs, Kubernetes, etc. Infrastructure Switches, routers, APs, management interfaces of NAS, anything else fitting this category (e.g. Docker mgmt) LDAP, Kerberos, Keycloak Home network Most likely the same thing as the main Wi-Fi network.

Interesting Resources URL Description HomelabOS Basically a personal datacenter, which is a huge part of what I’d like to put together.

In-Memory Malware Analysis This page contains some information and links for the In-Memory Malware Analysis course. In case of any questions, don’t hesitate to contact me at vaclav.lorenc-at-gmail.com or @valorcz on Twitter. Course Texts In-Memory Analysis (text) — A brief introduction to reverse engineering and memory forensics (English). In-Memory Analysis (slides) — Handouts for this course (English). Tools and Templates In-Memory Analysis (tools) — A bootstrap folder structure with Volatility Framework and other tools.

PV204: Sample Analysis Report This is a sample report describing the analysis of the xp-infected.vmem memory image (i.e. exercise01). We’ll demonstrate both the structure of the report and one of the possible analysis workflows you could use for your own research/work. Sample Preparation Before we start with the analysis, we need to download the memory image. That can be done via the exercise 1 command issued on the VM command line (see the official course documentation for more details).