Yara writeup – TryHackMe

YARA (Yet Another Ridiculous/Recursive Acronym) is a great open-source resource (and language) designed for creating and sharing pattern matching rules. One of the most popular uses for YARA rules is to identify and classify files or data based on specific patterns or characteristics, specifically in malware research and digital forensics. The Yara room in TryHackMe covers the basics of what YARA is, how to use Yara rules to match strings in some given files, how to use some tools like LOKI to manage and compare YARA rules in bulk, and how to create your own rules with yarGen. I didn’t…


The Open University – Cisco CyberOps forensic investigation (Final Assessment)

Through my learning in the CyberOps certificate through The Open University, what I really enjoyed the most were the hands-on labs, specifically the forensic investigation ones, as that’s where I could practice all the theory learnt throughout the course. These labs did not only focus on Cisco proprietary software, but also provided brilliant instructions and labs for many open-source IDS and IPS services, which is always great! These forensic labs would often be hosted in a Security Onion VM, and would often have us scanning through existing alerts in multiple IDS systems like Sguil, Wireshark, Zeek (formerly Bro), Kibana and…


Email aliases, online identity and threat modelling

Until not long ago, I didn’t think twice about sharing my old (then main) Gmail email address with literally any and every service I’d come across on the internet. A 10% discount for sharing my email with this questionable eCommerce site? Sure, why not. Signing up to a dodgy forum just to be able to read some obscure post from 7 years ago? Hell yeah! I never really thought of my email address as sensitive information. Sure, I may get newsletters that I can unsubscribe from, or perhaps some annoying marketing or sales emails here and there, but most of…


How to migrate your data from TV Time to Trakt

I watch a lot of TV, and for a few years now I’ve been using some of those tracking applications where you can follow shows, mark them as watched, comment and rate episodes and follow any newer releases and release calendars. I started using TV Time a while ago and whilst the application is not bad, it had a few irks that I did not enjoy. One of the biggest issues is the fact that they don’t allow you to export any data, so if they were to close their services tomorrow, I would not have any easy way of migrating…


Fixing ERR_TOO_MANY_REDIRECTS in WordPress

I have been playing with WordPress on and off for many years now, and although I’m not a heavy plugin user (the fewer plugins you use, the fewer windows you leave open to potential vulnerabilities), one of the plugins I rely on is Really Simple SSL. Really Simple SSL makes it extremely easy to create and deploy your Let’s Encrypt free SSL certificate, renew it automatically, as well as to force URL redirect from HTTP to HTTPS, and although this latter feature is great, more often than not it has caused me some issues as it can cause your entire…


Setting up Pi-hole and a Plex media server in a Raspberry Pi 4

For a while, I used one of my Raspberry Pi 4 (4GB Model + 256GB MicroSD card) as a NextCloud server using the NextCloudPi image, and although it was pretty neat, it was more of an experiment since I didn’t really feel the need for a local cloud with my current setup. This left me with a spare Raspberry Pi. So recently, I decided to repurpose this Raspberry Pi and give it 2 new purposes in life: And whilst the installation and set up process of both solutions is pretty straightforward, I thought this could make an interesting post for…


I joined the (ISC)² on an exam writing workshop

Recently, I had the amazing opportunity to collaborate with (ISC)², the renowned cybersecurity nonprofit that specializes in cybersecurity certifications. Shortly after earning my Certified in Cybersecurity credential and becoming an (ISC)² member, I was invited to join them as a Subject Matter Expert (SME) and join other SMEs in a 3-day exam writing workshop to help develop items for their future Certified in Cybersecurity exams. The Certified in Cybersecurity certification is the entry-level certification offered by (ISC)², so it was particularly great to work on a certification that will often be the first step for many people getting into the…


Bypassing ChatGPT’s ethical filters & the rise of AI-Generated malicious content

If there is a word to describe these past few months, that word would be revolution. From image-generating machine learning models such as DALL-E mini (now Craiyon) or Stable Diffusion to language models like ChatGPT, at this point everybody and their dogs have probably been hearing all about these new revolutionary Artificial Intelligences. And if you have been messing around with them, you probably know well how impressive they are! Today I wanted to mostly focus on ChatGPT, the advanced language model developed by OpenAI, which has been making headlines and taking the world by storm since its release in…


What is DNS and how to configure a Network Firewall through NextDNS

Often compared to “the phone book of the internet”, a DNS or Domain Name Server essentially stores and correlates the IP addresses of websites and servers with their registered hostname or domain name (like prats.co!), which are human-readable and generally easier to remember. When searching the web for a specific domain, our computer (client machine) will reach out to a DNS resolver, which then, through a series of queries, will reach out to additional TLD, Root and authoritative nameservers to find the IP address of the website associated with that domain: If the domain is a very well-known domain or used…


Email authentication through SPF, DKIM and DMARC

Email is flawed, and threat actors know this very well. Email was originally created over 50 years ago, and whilst it has evolved quite a lot during this time, email is still far from being as secure as other communication methods. In today’s threat landscape, up to 91% of all cyberattacks start with Spear Phishing emails. Unlike regular phishing emails, which are usually sent in bulk to thousands of email addresses at the same time, Spear Phishing emails are highly targeted phishing emails intended for a very specific individual or organization. Often, when thinking of phishing emails, many people think of…
