All posts

Packet capture on Windows without drivers >
Packet capture on Windows typically requires the installation of a specialised tool. In most cases this tool requires some form of kernel driver. In this post we demonstrate how to capture IP packets on Windows without requiring any extra software or drivers to be installed.
September 19, 2018
Real-time email scanning with YARA >
YARA from VirusTotal is a powerful tool that can be used to identify and classify malware. In this post we demonstrate how it can be employed to scan email, in real-time, using the NoSpaceships open-source yaraka project.
June 16, 2018
Interesting DNS facts >
Many people are often surprised by the depth of the DNS. In this post we highlight several items not typically learnt about the protocol and its implementations.
May 24, 2018
Fill your SIEM with DNS activity >
In our initial post we demonstrate how the dns-logger from NoSpaceships can be used to capture and feed real-time DNS activity into an Elasticsearch based SIEM.
April 10, 2018