Custom TCP Shell and Mobile Messaging Apps
February 23, 2019
During a recent customer engagement, I found the "customtcp shell" meta with some very interesting...
Web Shells and RSA NetWitness Part 3
February 19, 2019
This blog post is a follow on from the following two blog posts: ...
Bulk Content Deployment with Resource Bundles
February 19, 2019
Joshua Randall had a recent post that showed how to use the resourceBundle package to create a...
Web Shells and NetWitness Part 2
February 13, 2019
Following up from the previous blog, Web Shells and RSA NetWitness, the attacker has since moved...
Web Shells and RSA NetWitness
February 12, 2019
Introduction This blog post demonstrates a common method as to how organisations can get...
Scripting your Whitelists with Lua
February 12, 2019
A couple of interactions with customers recently sent me down the path of designing better...
What's on your wire: Zero-Width Spaces and their hidden danger
January 28, 2019
There are many reasons I enjoy working with the RSA Netwitness Platform, but it’s when our...
Investigation Profiles for Analysts
January 21, 2019
RSA NetWitness v11.2 introduced a very useful feature to the Investigation workflow with the...
What's that Service again?
January 21, 2019
Most people don't remember the well known port number for a particular network protocol. Sometimes...
Log Device Health Report
January 21, 2019
There have been many improvements made over the past several releases to the RSA NetWitness product...