Didier Stevens

Friday 30 November 2012

Nmap 6.25 With McAfee ePO Agent Script

Filed under: My Software,Networking — Didier Stevens @ 13:04

This new release of Nmap includes the McAfee ePO Agent Script I blogged about.

Tuesday 20 November 2012

Update: AnalyzePESig Version

Filed under: Encryption,Forensics,My Software,Update — Didier Stevens @ 20:59

I added several new fields to the output produced by my new tool AnalyzePESig:

  • countCatalogs
  • catalogFilename
  • signatureTimestamp
  • creationtime
  • lastwritetime
  • lastaccesstime
  • dwFileAttributes
  • uiCharacteristics
  • extensions
  • issuer unique id
  • sections
  • subject unique id
  • notBeforeChain
  • notAfterChain

AnalyzePESig_V0_0_0_2.zip (https)
MD5: 738F97F76921FA2220368B3F4190F534
SHA256: E0D43E04AFD242307E3E6B675A650952D2605F45FE55F0B883ACF5B22BA32A01

Thursday 15 November 2012

Quickpost: Spiders and CCTV

Filed under: Physical Security,Quickpost — Didier Stevens @ 15:12

Spiders can be annoying when you own a CCTV system. Here is a picture of a spiderweb in front of one of my cameras with integrated IR LED illuminator:

You can see that the reflection of IR light on the spiderweb is so strong that the glare hides all details behind the spiderweb.

So when you install an outdoor CCTV camera, think about spiders. Try to position the camera in a place where there are no spiders.

When you google for “CCTV spider repellent”, you will find chemical products that should repel spiders from CCTV cameras. But I’ve not had the opportunity to test out such products, as they don’t ship outside their country of sale.

Quickpost info

Thursday 8 November 2012

XORSearch for OSX

Filed under: Forensics,Malware,My Software,OSX — Didier Stevens @ 21:58

I made a very small change to XORSearch’s source code (dropped malloc.h) so that it compiles on OSX.

You can find the new version on XORSearch’s page.
