Category: How-To
-
A Gozi Banking Malware Detector – Zeek Roulette #3
I had talked about Gozi malware in our eCrimeBytes podcast here: Last Man From Gozi Banking Malware Group Sentenced To Three Years – eCrimeBytes Nibble #51. In my technical real-life job…
-
Detecting Amadey Malware With Zeek – Zeek Roulette #2
For my Zeek Roulette #2 I picked a recently submitted sample off of ANY.Run that ended up being Amadey: https://app.any.run/tasks/31ba58da-30d1-4a08-940d-2412fc629221/ You can download the PCAP from the link above if you navigate…
-
How To Make Your Voice Sound Sexy Using A USB Microphone On A MacBook
This method will let you make your voice sound sexy through any application like Zoom, Microsoft Teams, StreamYard, etc. After installing OBS, you will need to install the donationware Virtual Audio Cable…
-
Detecting njRAT/Bladabindi Malware With Zeek – Zeek Roulette #1
Welcome to the first edition of Zeek Roulette, where I pick a random Zeek topic and try to solve it! For this article I picked njRAT malware from Any.Run and tried to…
-
Using Logitech Brio In 4K In OBS On A 2019 Intel MacBook Pro
I do a fair amount of recording for my YouTube channel on a MacBook Pro, circa 2019. It has the Intel chip. Nothing I found online worked exactly for me when I…
-
Zeek Clustering How-To Video
I put together a Zeek clustering video over at YouTube (https://youtu.be/g-QvpYHgh1c). You can get to the slides through: https://docs.google.com/presentation/d/1HHHF4-FNhoSuy-YPMOWka3EGvfOW7CJAFeS9VHxBg_E/edit?usp=sharing The source code is available at: https://github.com/corelight/CVE-2022-24491
-
Using Zeek Signatures To Detect CVEs
I put a video together (https://www.youtube.com/watch?v=PcXjkUt3rZA) discussing a method I have used to detect CVEs using just Zeek signatures: https://docs.zeek.org/en/master/frameworks/signatures.html This method is useful when trying to detect a CVE exploit in…
-
Top 10 Mostly All Free And Open Source Podcast Creator Tools
Wonder what software we use to produce https://ecrimebytes.com? Here you go. Click on the application name to go to their website. Audacity, Blender, GIMP, and Shotcut are open source. If you have…
-
How To Profile A Zeek Spicy Protocol Analyzer
This is a good page over at the Zeek Spicy Wiki on how to profile protocol analyzers: https://github.com/zeek/spicy/wiki/Performance-profiling-of-Spicy-parsers
-
My Zeek How-To Video Playlist
Here is a playlist I put together of just my Zeek How-To videos: