Skip to main content

Search

Items tagged with: forensics

Fascinating and sophisticated MiTM ('man in the middle') at Hetzner (DE) and Linode, targeting Russia's largest XMPP/Jabber (civilian) chat service. The authors of the article make a reasonably compelling case that "this is lawful interception Hetzner and Linode were forced to setup."

https://notes.valdikss.org.ru/jabber.ru-mitm/

Excellent mitigation walkthrough here:

https://www.devever.net/~hl/xmpp-incident

Sure gets me thinking.

#infosec #sysadmin #forensics

Encrypted traffic interception on Hetzner and Linode targeting the largest Russian XMPP (Jabber) messaging service —

notes.valdikss.org.ru
#infosec #sysadmin #forensics

JQ - is one of the most popular command line utilities for extracting and processing data from JSON files.

Here is a ultimate cheatsheet to the most useful JQ functions for #osint, #dfir, and #forensics:

https://www.sans.org/posters/json-and-jq-quick-start-guide/?msc=instructor-phil-hagen

Contributors twitter.com/SANSInstitute twitter.com/DavidSzili

JSON and jq Quick Start Guide | SANS Cheat Sheet

This guide is a supplement to SANS FOR572: Advanced Network Forensics and Analysis. It covers the basics of JSON and some of the fundamentals of the jq utility.
www.sans.org
#OSINT #dfir #forensics