Uncategorized

November 2, 2016

Email analysis with SpamScope

SpamScope (//github.com/SpamScope/spamscope) is a fast and advanced tool for email analysis developed by Fedele Mantuano (@fedelemantuano).  The analysis engine it’s based on Apache Storm and Streamparse. […]
September 2, 2014

Bifrozt – A high interaction honeypot solution for Linux based systems.

A few days ago I was contacted by our CPRO, Leon van der Eijk, and asked to write a blog post about my own project called […]
August 25, 2014

Beeswarm – active deceptions made easy

Finally we can announce with great pleasure the first public beta of the Beeswarm project. Beeswarm is an active IDS project that provides easy configuration, deployment […]
August 8, 2014

Global Glastopf statistics for June 2014

During the month of June the following information was obtained from Glastopf installations worldwide Geographical spread 10 most popular injected files during the period Short introduction […]
August 2, 2014

Outsmarting the smart meter

The Conpot team recently introduced what we call the proxy module. Basically we forward the traffic from one service in Conpot to a service running on […]
June 17, 2014

Thug in 5 minutes

Ever wanted to run up a quick instance of Thug on a couple of malicious web sites or try it out but lacked the sys op […]
January 10, 2014

Malware-serving theaters for your android phones – Part 2

In this post I will analyze the Android APK files that my friend Pietro Delsante from the Honeynet Project Sysenter Chapter talks about in his previous […]
January 9, 2014

Is Android malware served in theatres more sophisticated?

Pietro wrote a nice post about him finding Android malware while visiting the theatre. Thanks to Thug (thank you Angelo) and HoneyProxy, he was able to […]
March 27, 2013

Ghost 0.3 released

Today I’ve released version 0.3 of the Ghost USB honeypot, which introduces a lot of new features, including a completely rewritten core for better malware detection. […]