Vectr Blue/Red Team assessment tool (installation and configuration in Linux)

VECTR is a platform for tracking and optimizing red and blue team testing. It allows organizations to simulate attack scenarios and improve detection capabilities. This blog covers installation on Ubuntu 24.04 LTS using Docker, detailing prerequisites, setup steps, and initial navigation of the application with default credentials. Future topics will include advanced configurations.

OpenCTI Threat Intelligence Platform (adding connectors and feeds)

This blog outlines the integration of two external-import connectors, MITRE ATT&CK and AbuseIPDB, into the OpenCTI platform to enhance Threat Intelligence data ingestion. It provides step-by-step instructions to configure these connectors using docker-compose.yml, including necessary adjustments for URLs and API keys to facilitate data import.

OpenCTI Threat Intelligence Platform (deployed using Ubuntu and Docker-Compose)

Deploying OpenCTI, a powerful threat intelligence platform, using Docker Compose on an Ubuntu virtual machine is a quick and efficient way to set up a scalable cybersecurity solution. OpenCTI provides analysts with tools to visualise, analyse, and share threat data seamlessly. By leveraging Docker Compose, you can simplify the deployment process, ensuring all necessary services…

Arkime Network Analysis & Packet Capture tool (deploying a local demonstration instance)

Arkime is an open-source tool for network traffic capture and analysis, streamlining packet capture with detailed searches and integration with security tools. This blog is a guide to installing Arkime on Ubuntu using Elasticsearch as the backend. It covers setup and configuration steps, culminating in accessing the Arkime viewer for network insights.

An introduction to Elasticsearch Query Language (ES|QL) – Part 2

This blog post discusses advanced ES|QL features that enhance querying efficiency, including histogram data aggregation, the WHERE command for precise filtering, field type conversions for accurate data handling, and managing multivalued fields. Examples illustrate these concepts, emphasizing their application for effective data insights in Elasticsearch.

Generative AI and a Threat to National Security

Generative AI, exemplified by ChatGPT, presents both advantages and risks to society. With millions of users, it faces misuse issues such as misinformation, disinformation, and the sharing of sensitive information. Threats include digital, physical, and political security concerns, fraud, and child exploitation. Addressing challenges involves caution, human validation, security measures, and user education. Governance and regulation are essential.

How to Activate Office

This article contains a step-by-step guide on how to activate Office LTSC 2021 on Windows when there is no option to use the internet. Steps on how to install Office LTSC 2021 on Windows can be found at https://plannedlink.io/2024/01/06/how-to-install-office-ltsc-2021/. If you experience problems activating Office 2021 or Office 2019, see This product is already installed on another…