Running Ghiro appliance on ESXi

Posted on June 16, 2014 in Tools • Tagged with ghiro • 1 min read

Ghiro is a nice digital image forensics tool (OK, it is self-promotion...) and it also comes as an appliance, which is great when you need a click-and-run environment to start processing images ASAP.

The appliance is available in OVA format (for VirtualBox, VMware Player and Workstation). Unfortunately, the appliance generated with VirtualBox defaults for Ghiro 0.1 can't run on VMware vSphere Hypervisor (formerly ESXi), so starting from today it is available in OVF format for VMware ESXi.

If you need to run Ghiro on ESXi you can download the Ghiro appliance for ESXi from Ghiro official …



Such Cuckoo, much sandbox: dogeon report

Posted on June 08, 2014 in Tools • Tagged with cuckoo, doge • 2 min read

Several days ago I discovered one of the best projects of this year: dogeon.

DSON (Doge Serialized Object Notation) is a data-interchange format that is easy to read and write for Shiba Inu dogs. It is easy for machines to parse and generate. It is designed to be as similar as possible to the DogeScript Programming Language (https://github.com/remixz/dogescript). DSON is a text format that is not language independent but uses conventions that are familiar to a wide variety of Japanese dog breeds. These properties make DSON an ideal data-interchange language for everything that involves Shiba …



Cuckoo Sandbox 1.1 released

Posted on April 09, 2014 in Tools • Tagged with cuckoo • 1 min read

In the past days we released Cuckoo Sandbox 1.1; you can check it out from the official site or GitHub.

You can read our cool release post, which lists all changes.

If you are a Cuckoo user you should upgrade; if you are not, it is time to give Cuckoo a try.



Homemade custom interaction DNS honeypot

Posted on April 02, 2014 in Tools • Tagged with honeypot, udpot • 2 min read

Some time ago I needed a weird DNS honeypot with “some” level of interaction.
I mean a honeypot which acts as a real DNS server, sending out DNS replies for the first bunch of requests, and after that works as a sinkhole.
I did it in Python and Twisted, gave it the worst name I could come up with and published it on GitHub.

I hope all setup steps are documented in README.md; anyway, here is a quick recap.

Check it out from GitHub and create a virtualenv (you have to install it, for example with apt-get install python-virtualenv …



New tool for image forensics

Posted on February 08, 2013 in Tools • Tagged with image forensics, photo forensics • 1 min read

Images contain tons of information, also known as metadata. I published a simple tool which extracts this information from provided images and displays it in a nicely formatted report.
