Automating incident response and digital forensic tools - EU CEF funded project by NCSC-FI, Jyväskylä University of Applied Sciences & University of Oulu

Joined March 2018
CinCan project retweeted
Our recent article should be interesting for all of you working with open source infosec tools. We identified 100 popular tools based on public data. The article is available at urn.fi/urn:nbn:fi-fe20211001…. #Cybersecurity #OpenSource #OUSPG #UniOulu
CinCan project retweeted
Security testers are challenged by the attackers and the need for test automation. I explore the idea of agile security testing, performing penetration testing first and designing test cases after that. medium.com/ouspg/agile-secur… #cybersecurity #agile #automation #testing
CinCan project retweeted
I continued my posts on cybersecurity by arguing that security testing can also be done bottom-up. Compared to top-down security analysis this may produce findings faster and be more applicable in many situations. medium.com/ouspg/bottom-up-s… #CyberSecurity #SecurityTesting
CinCan project retweeted
I continued with my blog posts on software security. Now I present 10 secure design principles and examples of how to map them into software security requirements. #CyberSecurity #SoftwareEngineering #SecureDesign medium.com/ouspg/security-de…
CinCan project retweeted
I wrote a blog post on software security requirements. Software features are often defined by positive features only. Security can be improved by ruling out insecure unwanted features by negative requirements. #CyberSecurity #SoftwareEngineering medium.com/ouspg/reduce-vuln…
CinCan project retweeted
I wrote a blog post on security testing, weaknesses, vulnerabilities, and how to turn tables with the attackers: medium.com/ouspg/turning-tab… #cybersecurity #security #testing
CinCan project retweeted
30 Nov 2020
We held a CTF (capture the flag) event as a part of CriM 2020. This was our first time arranging a CTF. Our experience was good, but there were few things we could have improved. Read more at medium.com/ouspg/crim-2020-c… #ctf #ctfd #kubernetes #infosec
CinCan project retweeted
I had a talk with @robertvamosi from @ForAllSecure about security tools and open source (me talking from 11 mins onwards): thehackermind.com/ep-10-hunt… #infosec #opensource #cybersecurity
CinCan project retweeted
Check out my recent blog post! I wrote how we at OUSPG preserve the native command-line experience for (cyber security) tools packaged to containers for easy installation and security. #containers #dfir #cybersecurity #commandline link.medium.com/HqFg4P7DWab
CinCan ♥️ PDFiD peepdf: Find hidden #malware in your PDF files! PDF #exploiting a #vulnerability that enables JS execution is a common mechanism of infection. We'll use #CinCan’s tools #PDFiD to find suspicious objects in PDF and #peepdf to take a look at what’s inside them. 1/5
We find out that the #malicious JS code #exploits a buffer overflow that forces the machine to execute the #shellcode stored in the payload variable. 4/5
CinCan’s #peepdf tool extracts suspicious JavaScript code from the PDF into javascript.txt. 3/5
CinCan’s #PDFiD tool shows that the PDF contains "/JS" and "/JavaScript" objects which raises 🚩🚩 because they might contain #malicious code. 2/5
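The keyword triage from the PDFiD tweets above, as an added example that is not CinCan's or PDFiD's own code: it counts the "/JS" and "/JavaScript" name objects the thread mentions (plus /OpenAction, /AA and /Launch, which PDFiD also reports) in raw PDF bytes, resolving #xx hex escapes so an obfuscated name is still caught. The sample PDF is constructed for the example.

```python
import re
from collections import Counter

# Name objects PDFiD counts. /JS and /JavaScript are the two the thread flags;
# /OpenAction and /AA make code run automatically, /Launch runs external programs.
SUSPICIOUS_KEYWORDS = (b"/JS", b"/JavaScript", b"/OpenAction", b"/AA", b"/Launch")

_HEX_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")
# A PDF name token: "/" followed by regular characters up to the next delimiter.
_NAME = re.compile(rb"/[^\s/<>\[\]()%{}]+")


def _unescape(name: bytes) -> bytes:
    """Resolve #xx hex escapes, so an obfuscated /J#53 still counts as /JS."""
    return _HEX_ESCAPE.sub(lambda m: bytes([int(m.group(1), 16)]), name)


def count_keywords(pdf: bytes) -> dict:
    """Count the suspicious name objects in raw PDF bytes, the way pdfid does."""
    counts = Counter(_unescape(m.group(0)) for m in _NAME.finditer(pdf))
    return {kw.decode(): counts.get(kw, 0) for kw in SUSPICIOUS_KEYWORDS}


def flagged(pdf: bytes) -> list:
    """The keywords that earn a red flag: every one with a non-zero count."""
    return [kw for kw, n in count_keywords(pdf).items() if n > 0]


# Constructed minimal sample (not a real malicious file): an OpenAction and a
# page /AA trigger both point at a JavaScript action whose /JS key is written
# with a hex escape (/J#53), the kind of obfuscation a plain grep would miss.
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 4 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /AA << /O 4 0 R >> >> endobj
4 0 obj << /S /JavaScript /J#53 (app.alert('constructed sample')) >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""

if __name__ == "__main__":
    for kw, n in count_keywords(SAMPLE_PDF).items():
        print(f"{kw:<12} {n}")
    print("flagged:", ", ".join(flagged(SAMPLE_PDF)))
```

A non-zero count is only a reason to look closer with peepdf, as the thread does next; benign PDFs with forms or links also use some of these objects.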
Today is officially the final day of the CinCan project! We would like to thank everyone who has participated in this project in one way or another. Of course there are plans to continue this work in autumn, but first we are heading to summer holiday! Have a secure summer!
CinCan project is having a workshop showcasing DFIR tools tomorrow 8:00 - 12:00 UTC cincan.io/workshop/ Tasks include #phishing #memoryanalysis #documentanalysis #deobfuscation #reversing #Dotnet #malware See you at 11:00 in WhereBy: cincan.whereby.com/workshop
In today's post we will be setting up a #Cortex #server and using its #REST #API to run analyzers on #iocstrings output. #cincan #dfir #blueteam 1/6
Setting up a #Cortex server has many #benefits, such as keeping track of your #analyzer job history and #support for #co-working via #organization and #user #management. See #example #setup #files, #scripts and #instructions from the blog post! 6/6 cincan.io/blog/2020_06_10_do…
After running the modification script, the #IoCs are sent to #VirusTotal, and the resulting report can be seen in the #Cortex #web #interface. The #scan #report from #VirusTotal classifies the first address as #suspicious. It was a #kill #switch domain for #WannaCry ransomware. 5/6
There are a number of #tools for extracting indicators of compromise (#IoCs) for #Cortex #Analyzers. In this example we will be using the #dockerized #ioc_strings tool, which can extract #hashes, #emails and links from files. We will be analyzing a #WannaCry.exe 4/6