Yesterday I walked through mapping a Synology share and pointing qgrep at breach data so the index lives next to the dataset instead of cluttering my home directory. That’s great for portability, but there’s one more step worth calling out: making sure the index actually covers all the file types you care about. Out of the box, qgrep is tuned
If you’ve ever pointed a search tool at a giant dataset on a NAS and watched it spray indexes into your user profile… this one’s for you. Here’s a clean, repeatable way to map a Synology share, tell qgrep to keep its index in a specific folder on that share, and then search it—fast. Use case: I’ve got breach data
In yesterday’s blog post, I mentioned having the opportunity—and honestly, the honor—of sitting down with David Bombal at Black Hat last week and speaking to him about the latest version of my Chasing Your Tail tool, which I featured at Black Hat Arsenal. The video got posted to YouTube today. I will post the link here. Honestly, David and his
Getting ready to share another update from my recent Black Hat conference experience. I’ve spoken at Black Hat a few times over the past several years, but one thing I hadn’t done until this year was present at Arsenal. For those not familiar with Black Hat’s business hall, there’s a special section called Arsenal where you can showcase open source
Hey everyone! I’ve been remiss over the past month – a little over a month, actually – in updating this blog. It’s not that I didn’t want to; I just had a ridiculous travel schedule. I was out for 12 days, back home for four days, then in Huntsville for an amazing week, back home for one day, then up
Anyone who’s read my blog or watched my videos knows how much I love Cursor. I’ve been using AI to help me write code basically ever since AI got decent enough to do it, but Cursor has made it incredibly easy. It’s cheap, and I just love using it—I’ve had great results with it. Over the past couple of weeks,
One thing I say often is “If you see something interesting, grab a copy of it, because it may not be there tomorrow.” Links rot, accounts vanish, YouTube pulls vids faster than you can say “copyright strike.” So anytime you stumble onto a clip that matters for your investigation, download it first, analyze it later. But here’s the rub: browsers
(Kali Linux & Ubuntu, Passive + Active Recon, API Keys, Logging & More) OWASP’s Amass is a fantastic tool, but unfortunately, its documentation is lagging and doesn’t match the current 4.2.0 version. After figuring out the current settings and configuration options, I used AI to help me write a guide for using the current version. The more detailed PDF is
Another update is I got accepted to present at Black Hat Arsenal in Las Vegas this year, which I’m super excited about! If you’re not familiar with Arsenal, it’s a place set up off in the vendors area where people who develop new tools can present them, and it has to be like open source, etc. So basically, several years
In my last post several weeks ago, I stated that I was on a cruise and was planning on taking a short break from blogging. Well, the break lasted a little bit longer than I thought! So it’s time to play catch up a little bit. After the cruise, I came back home for four or five days and then
I’ll try to make a few posts from my cruise this week but no guarantee. Happy easter all!
OpenAI just launched two new models of ChatGPT, o3 and o4-mini. I played with giving o3 images and asking it “where exactly was this image taken”. Within a minute or so it would have an answer and while I’m sure I’ll find some misses, it hasn’t missed for me yet. One of my tests was giving it a picture of
Did a poster signing today at the SANS Cyber Defense booth and am now at dinner with an amazing group of people.
I’ll be giving a third talk at GISEC now discussing cutting edge techniques using AI for audio analysis.
I’ve agreed to give a second talk at the GISEC conference in Dubai next month. Here is the outline: Title: 24/7 Threat Tracking on Telegram: How to Automate Infostealer Log Monitoring With Python Synopsis: In this fast-paced session, Matt Edmondson (author of SANS OSINT courses SEC497 and SEC587) takes you behind the scenes of his automated threat-hunting setup on Telegram—one