Using Firefox Browser for Security and Privacy

Mozilla's Firefox web browser (https://www.mozilla.org/en-US/firefox) is an excellent addition to any security professionals toolkit.  Firefox offers a number of handy extensions that can address security testing as well as preventative security and privacy tools.  Unlike Google Chrome, Firefox won't leak data back to Google or otherwise expose private information to a corporate entity which is why I recommend it.  Although Firefox presents a number of excellent security and privacy features built-in there are also quite a few plugins that can enhance these capabilities.

PHP Insecurity (open letter to Dave Aitel)

Dave Aitel, the owner of Immunity, Inc. a security consulting company and maker of the Canvas penetration testing software, recently appeared on the Loopcast podcast (episode 73).

Monitor your LAN with Raspberry Pi

I recently got a Raspberry Pi device, which has been a LOT of fun.  A couple of folks asked me as soon as I got it, "What do you plan to do with it?"  It seems that a lot of people buy a Raspberry Pi as a toy, play with it for a few hours, then toss it in their junk drawer, which is unfortunate.  The Raspberry Pi is an excellent device to have on your network for a number of reasons, all of them serious.

Mounting a Forensic Image in Windows

Guidance on how to mount a forensic image capture file from a Windows based investigation machine.

PreviewAttachmentSize
mount_img_win.pdf517.23 KB

Mounting a Forensic Image in Linux

Guidance on how to mount a forensic image capture file from a Linux based investigation machine.

PreviewAttachmentSize
mount_drive_img.pdf197.75 KB

Forensic Capture Guidance

I recently wrote up some guidance for folks taking forensic images and drive clones in the field (without the benefit of a forensics workstation).  The guidance is attached to this post, as a PDF.

PreviewAttachmentSize
forensic-capture.pdf271.25 KB