UDPot updated and new docker

Posted on April 25, 2020 in Tools • Tagged with honeypot, udpot • 1 min read

UDPot is a little script to run a honeypot which acts as a real DNS server, sending out DNS replies for the first bunch of requests, and after that works as a sinkhole.

In the last few days I refreshed the code, updated the requirements and did more spring cleaning.

A Docker image is now available on Docker Hub; you can run it with:

$ docker run --name udpot -p 5053:5053/udp -p 5053:5053/tcp -d jekil/udpot

It will run UDPot on port 5053 UDP and TCP; if you want to use it on another port you can bind it with …


Continue reading

EyePyramid: I forgot to do my homework!

Posted on January 11, 2017 in Blog • Tagged with malware, botnet, EyePyramid • 2 min read

Today the Italian news was filled with the story of a brother and sister arrested in Italy for spying on top public officials, institutions and high-profile VIPs.

The EyePyramid story has been widely reported and probably it is going to monopolise Italian media for the next week. So I do not want to write about it.

The only official information available (right now) is in the subpoena / arrest warrant (sorry, in Italian). It is full of operational details about how the bad guys were running their business.

Technically speaking, they wrote a VB.NET malware with RAT / spyware features. They infected …


Continue reading

A Raspberry Pi Home Dashboard

Posted on November 27, 2016 in Blog • Tagged with raspberry • 3 min read

Some time ago I created a home dashboard, using a Raspberry Pi, to have all my favourite tools (i.e. Zabbix, Munin) on a wall screen in my room. Now I want to write down and share with everyone how I put it together.

The whole idea of this is to have the Raspberry Pi hidden behind the screen, so trailing Ethernet cables isn’t ideal. Luckily the Pi supports a range of Wi-Fi adapters, and the latest Pi has integrated Wi-Fi.

What you’ll need

  • Raspberry Pi (I used a spare old one)
  • Micro SD Card (8 gigs is enough …

Continue reading

A Lufthansa Horror Story

Posted on August 02, 2016 in Blog • Tagged with flight, lufthansa • 3 min read

TL;DR: What happened today? Thanks to the worst customer service provided by Lufthansa I am going to explain to you why I missed a day in Vegas and why, in my over 15 years of experience, you should stop flying Lufthansa.

Today, I was heading to Las Vegas, to chill out at BlackHat and Defcon, via Frankfurt and Philadelphia. I was flying Lufthansa, because on long flights I prefer to spend more and be safe; with my 2 dogs in a checked-in box. Due to many Lufthansa fails in logistics and customer service I missed my flight and I have been …


Continue reading

How to setup an Image Forensic lab with Ghiro

Posted on August 19, 2015 in Tools • Tagged with appliance, ghiro, image forensics • 3 min read

This how-to will guide you through the setup of an Image Forensics lab, using Ghiro, a free and open source image forensics tool.

Ghiro also comes with a virtual appliance (a copy of Ubuntu Linux with everything you need already installed, which you can run on your host) to help people get Ghiro running in a few steps.

1. Ready for virtualization

You can run the Ghiro Appliance on any host (Mac, Windows or Linux); only virtualization software is required. There are many options out there, free and commercial, for example VMware or VirtualBox.

VirtualBox is a free and …


Continue reading