by frank | Mar 25, 2020 | Palo Alto, Security
Reading Time: 3 minutes
My first installation was done by downloading the OVA and not by installing the Linux package. First issue encountered: in the welcome example they propose to do a !whois domainname in the dBOT. Well, if you haven’t configured the integrations...
by frank | Feb 26, 2020 | Blue Team, Palo Alto, Red team
Reading Time: < 1 minute
DNSTwist is a great tool for blue and red teams. GitHub link: https://github.com/elceef/dnstwist or an online version: https://dnstwister.report/ This tool will generate a large number of typosquatting possibilities (addition,...
by frank | Dec 31, 2019 | Palo Alto, Privacy, Security
Reading Time: < 1 minute
On Friday the 20th of December 2019 we realized that, for a customer, the files that were analyzed by the WildFire of Palo Alto Networks via the TMS in Europe were using the WildFire engine based in the US! I raised a ticket, and with the...
by frank | Dec 19, 2019 | Misc, Palo Alto, Privacy, Security
Reading Time: < 1 minute
To set WildFire not to send to the American Global WildFire: in PAN-OS, go to Device > Setup > WildFire and edit the value to eu.wildfire.paloaltonetworks.com. If you want less security because there is a requirement that no data is...
by frank | Sep 19, 2019 | Palo Alto, Red team, Security
If you see files like the ones below = NO PANIC! zzzz346468454.txt !!!!4873487.doc XORXOR131395328.pem zzzzz1128386401.png ZZZZZ4032929292.pptx !!!!!28748750874.pst !!!!!195855848565.bmp XORXOR394587587.pdf You are probably experiencing the display of the honeypot files of...
by frank | Aug 13, 2019 | Palo Alto, Red team, Security, Windows
Reading Time: < 1 minute
WMIC /Node:localhost /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct Get displayName /Format:List
Example: Windows ATP (Advanced Threat Protection) will come up as “Windows Defender”. To know if ATP is installed, check reg...