Interesting Request – Log4J JNDI Exploit
zam Recently, I saw a person asking question on one of Telegram group that I’ve joined. The person said that if anyone know what kind of request is this. The person…
bash
Break-In Analyzer – Quickly analyze auth.log, secure, utmp & wtmp logs for possible SSH break-in attempts
Recently, I encountered incident where several hosts been infected by < █████████ >. So, to investigate this incident, we received bunch of logs to be analyze; mostly Linux related logs.…
Hunting for possible attacker Cobalt-Strike infra
Recently, we have an incident where suspicious traffic was observed related to external C2. Initial finding found that this IP 172.241.27.17 (172.241.24.0/21) resolved to atakaitechnologieshost; according to pDNS in Virustotal…
Check bulk IP for reverse DNS (rDNS)
Recently I’ve encounter list of IPs that are related to CoinHive. So I want to check for domains that tied to these IPs. We can do that by using dig…
Flatten a Nested Directory & File Hierarchy from Command Line of OS X
Lets say you have this kind of file/folder structure: master folder ---- folder1 ---- image1.jpg | | | |-- image2.jpg | | |-- folder2 ---- image1.jpg | | | |--…
Shell script fails: Syntax error: “(” unexpected
There’s one time I encountered this error when executing a bash code/script: install.sh: Syntax error: "(" unexpected The script does not begin with a shebang line, so the kernel executes…