Filtered by Topic: Tools

YAF App Label Signature Context with Analysis Pipeline
Angela Horneman - 06/19/15
In my last post, I presented how to create a YAF application label signature rule that corresponds to a text-based Snort-type rule. In this post, I discuss methods for using Analysis Pipeline to provide context to those signatures....
Making YAF App Labels from Text-Based Snort Rules
Angela Horneman - 06/12/15
Ever want to use a Snort-like rule with SiLK or Analysis Pipeline to find text within packets? Timur Snoke and I were recently discussing how we could do this and realized that while neither SiLK nor Analysis Pipeline themselves do...
Baseline Network Flow Examples
Angela Horneman - 03/20/15
Hi. This is Angela Horneman of the SEI’s Situational Awareness team. I’ve generated service specific network flows to use as baseline examples for network analysis and am sharing them since others may find them helpful....
A Subversive Use of SiLK
Leigh Metcalf - 09/11/14
Hi, this is Leigh Metcalf. In this blog post I talk about a subversive use of SiLK, the open-source tool suite designed by the CERT/CC team at the SEI, available on the CERT website. This post is a technical walk...
Finding Android SSL Vulnerabilities with CERT Tapioca
Will Dormann - 09/03/14
Hey, it's Will. In my last blog post, I mentioned the release of CERT Tapioca, an MITM testing appliance. CERT Tapioca has a range of uses. In this post, I describe one specific use for it: automated discovery of SSL vulnerabilities in Android applications....
Announcing CERT Tapioca for MITM Analysis
Will Dormann - 08/21/14
Hi folks, it's Will. Recently I have been investigating man-in-the-middle (MITM) techniques for analyzing network traffic generated by an application. In particular, I'm looking at web (HTTP and HTTPS) traffic. There are plenty of MITM proxies, such as ZAP, Burp, Fiddler, mitmproxy, and...
10 Years of FloCon
George Jones - 02/18/14
George Jones, chair of the 10th FloCon Conference, discusses the conference's general topics and themes over the years.
Hacking the CERT FOE
Will Dormann - 11/26/13
Will Dormann describes a modification to FOE code to make it work better with another application and encourages others to modify the code themselves.
BFF 2.7 on OS X Mavericks
Will Dormann - 10/23/13
Will Dormann describes how to get BFF 2.7 to run on OS X Mavericks.
Attaching the Rocket to the Chainsaw - Behind the Scenes of BFF and FOE's Crash Recycler
Allen Householder - 09/30/13
Allen Householder discusses the crash recycling feature of the recently released fuzzing tools BFF v2.7 and FOE v2.1.
One Weird Trick for Finding More Crashes
Will Dormann - 09/23/13
Will Dormann announces updates to CERT fuzzing tools, FOE and BFF, and describes the changes in the new versions.
A Look Inside CERT Fuzzing Tools
Allen Householder - 11/05/12
Allen Householder introduces recent reports that describe some heuristics and algorithms implemented in CERT fuzzing tools.
Updates to CERT Fuzzing Tools (BFF 2.6 & FOE 2.0.1)
Allen Householder - 10/25/12
Allen Householder announces the release of updates of CERT fuzzing tools: BFF version 2.6 and FOE version 2.0.1.
CERT Failure Observation Engine 2.0 Released
Allen Householder - 07/23/12
FOE 2.0 applies what we learned from creating BFF version 2.5 for Linux and OS X to improve our fuzzing capabilities on Windows.
CERT Basic Fuzzing Framework 2.5 Released
Allen Householder - 04/30/12
Allen Householder describes features available in BFF 2.5.
CERT Failure Observation Engine 1.0 Released
David Warren - 04/23/12
David Warren describes features available in FOE 1.0.
Announcing the CERT Basic Fuzzing Framework 2.0
Allen Householder - 02/28/11
Allen Householder announces the release of BFF 2.0 and describes improvements and new features.
CERT Basic Fuzzing Framework Update
Will Dormann - 09/22/10
Will Dormann describes new functionality and performances improvements available in BFF 1.1.
CERT Basic Fuzzing Framework
Will Dormann - 05/26/10
Will Dormann discusses how to use BFF to discover vulnerabilities through mutational dumb fuzzing.
Release of Dranzer ActiveX Fuzzing Tool
Will Dormann - 04/16/09
Will Dormann announces the release of Dranzer, a CERT tool developed to test ActiveX controls.