Mickaël Walter

forensic

A quick walkthrough in the VMDK format

VMDK is more a set of formats rather than a unique one. Let's dive in the core principles and demystify it for forensic analysts.

opencti

OpenCTI #9 - case study

Discover OpenCTI in this series. This last episode will wrap up everything with work on a report

opencti

OpenCTI #8 - Use the API

Discover OpenCTI in this series. This 8th episode will give you an overview of the Python API that can be used to interact with OpenCTI.

opencti

OpenCTI #7 - Advanced Features

Discover OpenCTI in this series. This 7th episode will go through advanced features you can use in OpenCTI's GUI.

opencti

OpenCTI #6 - Use the data

Discover OpenCTI in this series. This 6th episode will expose features of OpenCTI that allow you to actually use the data.

opencti

OpenCTI #5 - Reports, groupings, cases

Discover OpenCTI in this series. This fifth post will discuss reports, cases and more generally containers.

opencti

OpenCTI #4 - Connectors

Discover OpenCTI in this series. This fourth post will discuss connectors to add, enrich or share data on the platform.

opencti

OpenCTI #3 - Platform administration

Discover OpenCTI in this series. This third post will walk you through the administrative section of OpenCTI.

opencti

OpenCTI # 2 - Usage basics

Discover OpenCTI in this series. This second post gives a user overview of the platform.

opencti

OpenCTI #1 - Install

Discover OpenCTI is this series. This first post explains OpenCTI installation and core concepts.

Surface RT

Linux on Surface RT - (nearly) full featured OS

A lot of progress has been made by the Open Surface RT team since my last post on this subject. It's time for an update.

Surface RT

Linux on Surface RT - Make the Kernel boot

Until now, nearly no one got to boot Linux on the Surface RT. But recent changes could mark the end of it.

hardware

Reverse engineering LuaJIT

Sometimes, a Lua file is not just a script but can be a bytecode compiled just-in-time. This makes an interesting platform to explore the bytecode world

wordpress

Scraping WordPress REST API in interactive mode

I updated wp-json-scraper to add an interactive mode.

network

Extend your LAN with WireGuard

I configured a WireGuard VPN server to handle remote access to my network aswell as a LAN-to-LAN bridge to remote servers

network

Improving my home network

The hardware provided by my ISP was not sufficient anymore, so I installed some Ubiquiti hardware. Here are my thoughs and mistakes

site news

New look&feel

I migrated from WordPress to Ghost to publish my content. I ran into some difficulties but finally it's there!

hardware

A one glance status light with ESP8266 and Home Assistant

This one glance status light allows to get a quick insight of important metrics retrieved from an MQTT server over WiFi

guide

Use OpenWRT as a MITM router

To make network analysis easier, it can be interesting to setup a MITM router. Using a Raspberry Pi and OpenWRT, this can be made at a low cost

hardware

GamePi Zero

I love retrogaming and hardware projects. To gather the best of 2 worlds, I decided to create my own console.

web

IDOR with MongoDB: understanding ObjectID

Given their complex appearance, some would think that exploiting IDOR based on MongoDB's ObjectID would be difficult. This is not the case as the ObjectID is not random

hardware

Dumping a SLC NAND Flash with Atmel PMECC

Dumping a NAND flash memory can be tricky. Especially with proprietary ECC. Here we dump an SLC NAND flash with PMECC correction.

wordpress

Discovery of WordPress websites using wp-json

WordPress exposes a new REST API since version 4.7. This API can be exploited to retrieve potential confidential information.

web

Account enumeration on web applications

Why a generic message to prevent user enumeration is an acceptable user experience degradation to improve security