by frank | Mar 26, 2020 | Blue Team, Palo Alto, Security, Windows
Reading Time: 4 minutes. Before reading note: for practical reasons (time consuming), not all the screenshots were made with the same settings (mainly the IP addresses: I used 192.168.150.196 once and sometimes 192.168.1.71). For tests I created a simple reverse_http...
by frank | Mar 25, 2020 | Palo Alto, Security
Reading Time: 3 minutes. My first installation was done by downloading the OVA and not by installing the Linux package. First issue encountered: in the welcome example they propose to do a !whois domainname in the dBOT. Well, if you haven’t configured the integrations...
by frank | Feb 26, 2020 | Blue Team, Palo Alto, Red team
Reading Time: < 1 minute. DNSTwist is a great tool for blue and red teams. GitHub link: https://github.com/elceef/dnstwist or an online version: https://dnstwister.report/ This tool will generate a large number of typosquatting possibilities (addition,...
by frank | Dec 31, 2019 | Palo Alto, Privacy, Security
Reading Time: < 1 minute. On Friday the 20th of December 2019 we realized that, for a customer, the files that were analyzed by the WildFire of Palo Alto Networks via the TMS in Europe were using the WildFire engine based in the US! I raised a ticket, and with the...
by frank | Dec 19, 2019 | Misc, Palo Alto, Privacy, Security
Reading Time: < 1 minute. In order to set WildFire not to send to the American global WildFire: in PAN-OS, go to Device > Setup > WildFire and edit the value to eu.wildfire.paloaltonetworks.com. If you want less security because there is a requirement that no data is...
by frank | Sep 19, 2019 | Palo Alto, Red team, Security
Reading Time: < 1 minute. If you see files like the ones below: NO PANIC! zzzz346468454.txt !!!!4873487.doc XORXOR131395328.pem zzzzz1128386401.png ZZZZZ4032929292.pptx !!!!!28748750874.pst !!!!!195855848565.bmp XORXOR394587587.pdf You are probably...