Summary In july of 2019 Armis released a technical whitepaper detailing numerous vulnerabilities found in devices running VxWorks. Since this post is not about explaining what VxWorks is, or why the vulnerabilities are so impactful, I will leave you with this link to the post that Armis put out in july. Since I’m developing Suricata […]
This post is a small follow-up on the network detection theme that I have been posting the last couple months. Recently I got more into writing rules for detecting network threats and wanted to create something similar to what is used in some bigger blue team companies. So without going too much in the why’s, […]
This is a little hobby project of mine that I started to get some experience with Go. DISCLAIMER: I am not a programmer and not responsible for your eye sores reading this code. Please do critique the script. Background I want to kick this post off with a little background information about why I decided […]
Last week I was playing around with some PCAPs I made of my home network, trying to correlate what I saw happening in the PCAP with the alerts generated by my SecurityOnion instance. One specific alert triggered over 1000 times in just two days, this doesn’t say much as I happen test a lot of […]
This is a simple post to explain how to set up a SecurityOnion instance for monitoring a home network. NOTE: Do not use this guide for setting up a SecurityOnion instance for monitoring production environments! About SecurityOnion I could write something here myself but the SecurityOnion Github page does this better: Security Onion is a […]
© sud0woodo 2020. Powered by WordPress