All you have to do is send a DNS TXT request and deal with the results.
We’ve created an OpenIOC format XML file out of the report. We think we got everything except the semaphore indicators.
A quick introduction to the X-Drill (Cross Drill) tool in Trisul 3.0.
This is exciting stuff for a lot of “intel starved” enthusiasts like us. At least three types of indicators can be searched for by looking at past network traffic.
If you were to walk into a strange network, you would want to first see what the typical characteristics of the network are.
We can all agree that the repository of packets represents significant business value, otherwise we’d all be sharing our pcap dumps on GitHub. Therefore a breach of this nature can hurt.
We just added support to Trisul for AlienVault's Open Source IP Reputation.
If you are involved in forensics investigations, you have to pivot quite a bit between data types such as traffic, flows, and packets.
Hey Trisul users, please update your Badfellas plugin to the latest version released today.
If you are running Trisul on Security Onion, have you heard the good news? Doug Burks has released a new version of Security Onion