#toolsmith search results
So 25 years after it arrived, wrapped separately, in the box with the power saw he bought, this was unwrapped by partner today, and is now in use. 😶 #Toolsmith
A new post for your hopeful stuck-at-home-looking-for-something-to-nerd-out-on reading pleasure. #toolsmith 143 now available, @SpectX: Log Parser for DFIR. bit.ly/SpectX4DFIR Thanks @lii5a for an offering well worth the effort. #SpectX4DFIR #BlueTeam #infosec #DataAnalytics
Thrilled to share @yampelo's Beagle with you via #toolsmith 138: bit.ly/BeagleDFIR. Beagle is a #DFIR #BlueTeam powerhouse that exemplifies the vitality of #graphs & #visualization. Beagle was presented @BlackHatEvents Asia @ToolsWatch & looks to be a real game changer. Go!
holisticinfosec.io
Beagle: Graph transforms for DFIR data & logs
toolsmith #138 - Graphs for DFIR analysts
Participate in @KringleCon this holiday season? You may have discovered new tools or had a chance to try one that you hadn’t before. True for me with @eric_conrad’s DeepBlueCLI, a #PowerShell threat hunting module for Windows Event Logs. #toolsmith holisticinfosec.io/post/deepbluec…
holisticinfosec.io
DeepBlueCLI: Powershell Threat Hunting
toolsmith #141
Hunt, search, and extract Windows event log records with Chainsaw, now in #toolsmith 148. Experiments with an old #DFIR malware case, as well as APT Simulator. The saw is the law! @AlexKornitzer @FranticTyping @sigma_hq @cyb3rops holisticinfosec.io/post/chainsaw/
Emulate adversary behaviors on Linux with @redcanaryco's #ChainReactor, as seen in #toolsmith 142 holisticinfosec.io/post/chain-rea… Featuring top notch audit.rules for #auditd from @cyb3rops. Reactions, atoms, and quarks, oh my! #BlueTeam #RedTeam #AdversaryEmulation Enjoy and cheers!
holisticinfosec.io
Chain Reactor: Simulate Adversary Behaviors on Linux
toolsmith #142
Since I last discussed @brimsecurity use with @Cyb3rWard0g & @Cyb3rPandaH's Mordor APT29 datasets in #toolsmith 144, @OliverRochford has been hard at work for Brim, exploring further & documenting his practice well. Check out medium.com/brim-securitys… & the prior post. Great work!
medium.com
Investigating Network traffic activity using Brim and Zeek
In the last article, I shared my favourite Brim ZQL queries to begin a threat hunting investigation in Zeek data. We covered pretty…
Where else can you find @brimsecurity @Mordor_Project @MITREattack & @AmonAmarthBand🤘in one place? #toolsmith 144, of course! Join me for To the Brim at the Gates of Mordor Pt. 1 where we search & analyze Mordor APT29 PCAPs with Brim bit.ly/BrimMordor1 #blueteam #dfir #epic
.@jayjacobs I made you something.😊EPSScall is an Exploit Prediction Scoring System app now in #toolsmith 147. An #RStats Shiny app to interact with the @FIRSTdotOrg EPSS API. Use of EPSS is vital: knowledge of vuln exploit contributes to org survivability holisticinfosec.io/post/epsscall
holisticinfosec.io
EPSScall - An Exploit Prediction Scoring System App
toolsmith #147: EPSScall - Shiny app for the EPSS API
Artisan toolsmiths sharpen and temper steel blades with community-sourced charcoal, combining traditional cooling methods and modern hardness testing for performance. #Toolsmith #EdgeTech
That's awesome @holisticinfosec ! Very very happy to see the @Mordor_Project helping during testing and validation 🙏 I am releasing a few more datasets (sec events & PCAPs) during @BlueTeamVillage weekend 😉🍻 Looking forward to #toolsmith 144!
I’m using the Mordor APT29 dataset (@Cyb3rWard0g, @Cyb3rPandaH) to put the @brimsecurity desktop client through its paces for #toolsmith 144. Nothing like honing your hunting fu to pull out of a funk. Thanks for the awesome, all! mordordatasets.com/introduction.h…
The old Bell Labs term for @erickhydrick's "plumber" was "toolsmith" hydrick.net/2020/11/30/roc… #toolsmith #focusonthefundamentals #fundamentalsmatter #beaplumber #noninjasneedapply #rockstaryeahright See also: antipaucity.com/2014/06/25/who…
toolsmith snapshot: r-cyber with rud.is holisticinfosec.io/post/toolsmith… #toolsmith
Check out Vintage camera! Available for the next about 22 hours via @Teespring: tspr.ng/c/new-vintage-… #toolsmith
A quick #toolsmith snapshot posted re: @spectx query, courtesy of Raido, to detect possible bots & automated queries bit.ly/spectx-ip Stand by for a full treatment on @brimsecurity in a few weeks after I wrap up this school quarter, Ch 2 of my dissertation nearly finished!
The 150th issue of #toolsmith, a 16+ year milestone, is a deep dive into the @CISSMaryland Cyber Attacks Database, with exploratory data analysis and forecasting methods, with a lean towards #visualization holisticinfosec.io/post/eda-cissm… Useful #rstats for #blueteam sec & data analysts.
A supervised learning approach to Living off the Land (LotL) attack classification, in #toolsmith 146. LotL reverse shells, file uploads & coin miners, classified bad via #MachineLearning from @AdobeSecurity's Security Intelligence. #security #DataScience tinyurl.com/lotlclassifier
Zircolite versus Defense Evasion & Nobellium FoggyWeb in #toolsmith 145: a SIGMA-based detection tool for EVTX & JSON. bit.ly/zircolite Includes work from @waggabat @cyb3rops @sbousseaden @MalwareRE @SwiftOnSecurity @markrussinovich @mxatone @MITREattack in one short post.
holisticinfosec.io
Zircolite vs Defense Evasion & Nobellium FoggyWeb
toolsmith #145: a standalone SIGMA-based detection tool for EVTX and JSON
#toolsmith favorite SpectX has launched support for analyzing Windows Events (.evtx files) to investigate incidents and find suspicious activity on Windows systems. #BlueTeam #DFIR #ThreatHunting spectx.com/articles/analy…
A #toolsmith snapshot utilizing @Icemoonhsv's Sim for #AdversaryEmulation is available for your review & consideration. A ton of potential for Sim in #detection testing scenarios for #blueteam #DFIR #DART and others. Well done, Hope. bit.ly/sim4emu
Seeking an escape from the chaos of U.S. national news I posted a long overdue #toolsmith snapshot of @mhgeay's Gordon for cyber reputation checks via threat & risk information about IOCs such as IP addresses, hashes & domains. bit.ly/GordonIOC #BlueTeam #DFIR #SolarWinds
#toolsmith snapshot: Sooty, a SOC Analyst's All-in-One Tool to help speed up SOC workflow. I've been using it regularly as I'm currently in a daily hunt work load, and find it quite useful to speed up initial triage. #SOC #BlueTeam #DFIR #Sooty bit.ly/Sooty4SOC
Cybersecurity - Mitre ATT&CK. Discover the best articles of the week: 16.10.2020 buff.ly/3k4ak7P #toolsmith #cybersecurity #ransomware
Now in #toolsmith: Faraday IPE - When Tinfoil Won’t Work for Pentesting bit.ly/1M5Hc9u @fede_k @faradaysec
I'm a few days late, but #SET on my screen again while I watch Mr. Robot makes me so happy, @HackingDave #toolsmith
Close race, we have a winner! @joshsokol's @simpleriskfree voted Best of #toolsmith's 10 yrs. I'll donate to charity of his choice in honor.
Good tutorial from @HackingTutors re: Dynamic Malware Analysis Tools hackingtutorials.org/malware-analys… #toolsmith #DFIR #malware cc @cyb3rops
Now in #toolsmith 140, @EricRZimmerman’s #KAPE vs @Mandiant ’s Commando, a #blueteam vs #redteam vignette. KAPE=brilliant, the love it receives is worthy. bit.ly/KAPE-TS. Endless opportunities to come in behind #RedTeam & clean up their rainbow unicorn skittles doodie
As a longtime @PwnieExpress supporter (#toolsmith), thrilled to see #PwnPhone on #MrRobot. Congrats, well deserved.
Compiled & testing @_vivami's #SauronEye for a little #toolsmith feature. It's fast & capable as Vincent says it is. github.com/vivami/SauronE… This is a great tool for scraping drives & shares for sensitive unstructured data, because no one ever leaves passwords in cleartext files
In the midst of writing #toolsmith on @KevTheHermit's VolUtility when much to my pleasure...this. Well played, sir.
#Toolsmith Snapshot: Ad Blocking With @The_Pi_Hole bit.ly/PiHole, a DNS sinkhole that protects your devices from unwanted content, without installing any client-side software. If you haven't given Pi-hole a try yet, please take the opportunity to do so. #RaspberryPi
Bring security data to life with #gganimate in #toolsmith 137: Animate YouR Security Analysis, based on @thomasp85's excellent work. Static visualization for security analysis is effective, but a time-based, animated visualization elevates the art. bit.ly/animatedata #rstats
HolisticInfoSec: #toolsmith #114: #WireEdit & Deep Packet Modification from @holisticinfosec buff.ly/1U7lDdw