Didier Stevens

Sunday 29 November 2020

3 Comments »

1. […] Update: emldump.py Version 0.0.11 […]

   Pingback by Week 49 – 2020 – This Week In 4n6 — Sunday 6 December 2020 @ 8:53

2. Hi Did,

   I have a very trivial project in mind. I think it’s very simple (or I hope so), but I really can’t figure it out, or at least, I am not able to determine the simplest way to do it.

   I thought about Python3 and Sqlite3, but maybe it is not the more straightforward way.

   So, what is my idea… I want to take some Cisco ASA connections logs and translate them in a human readable form.

   Say, for example, the following string:

   192.168.10.10 -> 57.68.72.90/10240

   should be translated to:

   PC-LABORATORY -> IBERIA

   Very easy, isn’t it? Not for me unfortunately 😪

   Sources and destinations ip addressess are all well known, so I can associate every ip address with its human-readable string; they are thousands, so I would create something like a dictionary (excel? sql db? python dictionary? what else?)

   Long story short, I don’t want a solution, just your thoughts about what language and/or data structure you would think of. I can’t really get it, even if I am a grep/sed/awk fan!

   Thank you very much for your attention and sorry for having stolen a bit of your precious time.

   Have a good 2021🍾 😉

   Gian

   Sent from mobile

   Comment by Gian Matteo Esposito — Saturday 2 January 2021 @ 14:48

3. In what (file) format do you have the hostnames now?

   Comment by Didier Stevens — Sunday 3 January 2021 @ 10:11

RSS feed for comments on this post. TrackBack URI

Leave a Reply (comments are moderated)

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (Address never made public)

Name

Website

You are commenting using your WordPress.com account. ( Log Out /  Change )

You are commenting using your Twitter account. ( Log Out /  Change )

You are commenting using your Facebook account. ( Log Out /  Change )

Cancel

Connecting to %s

Notify me of new comments via email.

Notify me of new posts via email.

Δ

This site uses Akismet to reduce spam. Learn how your comment data is processed.

• Pages

  • About
  • Didier Stevens Suite
  • Links
  • My Python Templates
  • My Software
  • Professional
  • Programs
    • Ariad
    • Authenticode Tools
    • Binary Tools
    • CASToggle
    • Cobalt Strike Tools
    • Disitool
    • EICARgen
    • ExtractScripts
    • FileGen
    • FileScanner
    • HeapLocker
    • Network Appliance Forensic Toolkit
    • Nokia Time Lapse Photography
    • oledump.py
    • OllyStepNSearch
    • PDF Tools
    • Shellcode
    • SpiderMonkey
    • Translate
    • USBVirusScan
    • UserAssist
    • VirusTotal Tools
    • XORSearch & XORStrings
    • YARA Rules
    • ZIPEncryptFTP
  • Public Drafts
    • Cisco Tricks
  • Screencasts & Videos
• Search for:

• Top Posts

  • PDF Tools
  • oledump.py
  • My Software
  • Howto: Make Your Own Cert And Revocation List With OpenSSL
  • Test File: PDF With Embedded DOC Dropping EICAR

• Categories

  • .NET
  • 010 Editor
  • Announcement
  • Arduino
  • Bash Bunny
  • Beta
  • bpmtk
  • Certification
  • Didier Stevens Labs
  • Eee PC
  • Elec
  • Encryption
  • Entertainment
  • Fellow Bloggers
  • Forensics
  • Hacking
  • Hardware
  • maldoc
  • Malware
  • My Software
  • N800
  • Networking
  • Nonsense
  • nslu2
  • OSX
  • PDF
  • Personal
  • Physical Security
  • Poll
  • Puzzle
  • Quickpost
  • Release
  • Reverse Engineering
  • RFID
  • Shellcode
  • smart card
  • Spam
  • technology
  • UltraEdit
  • Uncategorized
  • Update
  • video
  • Vulnerabilities
  • WiFi
  • Windows 7
  • Windows 8
  • Windows Vista
  • Wireshark
• 

• Blog Stats

  • 7,303,254 hits

• Twitter @DidierStevens

  • YARA 4.3.0 released: github.com/VirusTotal/yar… 1 day ago
  • RT @DhaeyerWolf: Whilst #microsoft is about to fix the #OneNote emedded file feature, I took a look at how #threatactors can abuse embedded… 1 day ago
  • RT @0xThiebaut: @sans_isc And some #YARA rules to detect #aCropalypse PNG images 👉🏽 github.com/0xThiebaut/Sig… https://t.co/q02k7mo1N4 5 days ago
  • 2 weeks ago I flew to Lapland with all my @NVISOsecurity colleagues for our annual offsite, this time to be held in… twitter.com/i/web/status/1… 1 week ago
  • My #nviso peeps :-) #offsite #lapland @NVISOsecurity https://t.co/rE6up6xOZZ 3 weeks ago

• Archives

  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • January 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015
  • April 2015
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014
  • June 2014
  • May 2014
  • April 2014
  • March 2014
  • February 2014
  • January 2014
  • December 2013
  • November 2013
  • October 2013
  • September 2013
  • August 2013
  • July 2013
  • June 2013
  • May 2013
  • April 2013
  • March 2013
  • February 2013
  • January 2013
  • December 2012
  • November 2012
  • October 2012
  • September 2012
  • August 2012
  • July 2012
  • June 2012
  • May 2012
  • April 2012
  • March 2012
  • February 2012
  • January 2012
  • December 2011
  • November 2011
  • October 2011
  • September 2011
  • August 2011
  • July 2011
  • June 2011
  • May 2011
  • April 2011
  • March 2011
  • February 2011
  • January 2011
  • December 2010
  • November 2010
  • October 2010
  • September 2010
  • August 2010
  • July 2010
  • June 2010
  • May 2010
  • April 2010
  • March 2010
  • February 2010
  • January 2010
  • December 2009
  • November 2009
  • October 2009
  • September 2009
  • August 2009
  • July 2009
  • June 2009
  • May 2009
  • April 2009
  • March 2009
  • February 2009
  • January 2009
  • December 2008
  • November 2008
  • October 2008
  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • February 2008
  • January 2008
  • December 2007
  • November 2007
  • October 2007
  • September 2007
  • August 2007
  • July 2007
  • June 2007
  • May 2007
  • April 2007
  • March 2007
  • February 2007
  • January 2007
  • December 2006
  • November 2006
  • October 2006
  • September 2006
  • August 2006
  • July 2006
  • June 2006

• November 2020

  M	T	W	T	F	S	S
  						1
  2	3	4	5	6	7	8
  9	10	11	12	13	14	15
  16	17	18	19	20	21	22
  23	24	25	26	27	28	29
  30