Live Memory Acquisition on Linux Systems

In this blog post I’ll be demonstrating a process of obtaining or acquiring a memory image from a running Linux system. The tool of choice LiME (Linux Memory Extractor) and is available on Github. After a forensic image has been acquired we will use Volatility with a custom Linux profile for the analysis, to keep things simple I’ve used the latest Debian Stretch kernel version 4.9.0-8-amd64 as the target system so it’s easily repeatable....

August 26, 2018 · 6 min · Naz Markuta

How to build a Debian MIPS image on QEMU

Update (2021) Debian no longer supports mips big endian, which means some links below to MIPS BE will not work. But you can still follow this tutorial for mips little endian. How to set up and build your own MIPS big endian or little endian image running under the QEMU emulator. This guide can also be applied to other architectures. For example I’m currently running this in a virtual machine inside another virtual machine on my MacBook Pro....

March 18, 2018 · 4 min · Naz Markuta

How to Set up Nzyme and Graylog

This guide shows you how to quickly set up and get started with Nzyme and Graylog version 2.3.2 using Docker. In this tutorial I’m using Mac OS but Docker can be install on any platform. For testing purposes, I’d recommend using Kali Linux or any Debian based distro on where Nzyme sensor is installed. What is it? Nzyme collects 802.11 management frames directly from the air and sends them to a Graylog (Open Source log management) setup for WiFi IDS, monitoring, and incident response....

November 28, 2017 · 6 min · Naz Markuta

Enable HTTPS for News on BBC Online

Since last April in 2016, the main BBC Homepage has been accessible only via HTTPS, which I thought was a good step forward, heading in the right direction. However, most pages or URLs still use insecure HTTP. Trying to navigate to a page while manually typing HTTPS in the browser address bar will force a 301 re-direct to HTTP. Here’s an example of cURL while navigating to /news/ path: $ curl -IL https://www....

November 19, 2017 · 2 min · Naz Markuta

KeyGrabber Nano USB Keylogger Review

Whilst studying at University I became interested in hardware keyloggers, and so decided to purchase one for a research paper. This device is specifically for wired USB keyboards (non Wi-Fi or Bluetooth) which records every single key stroke typed, without the need for drivers or worrying about any security product. I thought why not write a review and share some interesting findings. I DO NOT condone or encourage the use of any such devices for ILLEGAL purposes....

November 1, 2017 · 7 min · Naz Markuta