GitHub is an amazing place to organize and publish programming code (plus a lot more things like lists of resources or a community-written how-to). Exploit developers are actively creating cutting-edge attack tools here. The Googledork contains either: You can add in any other kinds of attacks that are relevant to you, just add them with … Continue reading “Blue Team Googledorks: Attack Tools”
Tag Archives: Cyber Threat Intelligence
Blue Team Googledorks: Credential Dumps on Pastebin
A credential dump is a list of usernames (usually email addresses) and their related passwords. It might have additional information such as address, credit card details, etc. And amazingly, some attackers and attack tools publish this information to Pastebin. Pastebin is a site that allows you to paste text into it, get a unique URL … Continue reading “Blue Team Googledorks: Credential Dumps on Pastebin”
Blue Team Googledorks: Web Attacks
After starting a CSIRT for a CDN and web security vendor, I ran into a scenario where I needed to be able to find customers that had public security incidents that we could help them out with, plus we needed a way to find and track incidents for companies that weren’t customers. To use this Googledork, … Continue reading “Blue Team Googledorks: Web Attacks”
New Blog Section: Blue Team Googledorks
Introduction to Googledorking: Googledorking is the act of using Google advanced search operators to tailor your searches more finely. It’s good for general-purpose searches, but where it really shines is when you start to use it in security operations in addition to other Cyber Threat Intelligence (CTI) activities and collection. Googledorking is a … Continue reading “New Blog Section: Blue Team Googledorks”
Building a CSIRT or Security Research Team for Startups
One topic that I’ve had several conversations on over the past week with several cybersecurity startups is why they should create a Computer Security Incident Response Team (CSIRT), Computer Emergency Response Team (CERT), or threat research team and how to fund, build, and run the team. TL;DR: I’m a huge champion of building a CSIRT … Continue reading “Building a CSIRT or Security Research Team for Startups”
Biases of Customer Base in Cyber Threat Intelligence
Let’s start with a little bit of background. I was a translator (Russian, some Serbian) in the US Army and worked in the intelligence field from when I was 18 until I was 25, and this rewired my brain somewhat. From late 2012 to early 2015, I ran Akamai’s Customer Security Incident Response Team (CSIRT) … Continue reading “Biases of Customer Base in Cyber Threat Intelligence”
