Slips
Stratosphere IPS
How Well Do LLMs Perform on a Raspberry Pi 5?

Can a Raspberry Pi 5 run Large Language Models? In this post, we share the results of our experiments, analyzing how LLMs perform on this low-cost hardware and exploring the challenges and performance trade-offs.

How Well Do LLMs Perform on a Raspberry Pi 5?
Stratosphere IPS
Introducing ARACNE, a new LLM-based shell ...

The complete automation of cyber-attacks has become one of the areas of greatest interest since the introduction of Large Language Models (LLMs) to the public. The creation of attacking LLM agents that can act independently is among the most popular options. 

In this blog, we introduce a brand-new agent: ARACNE. We also share the results of attack tests and what they mean in terms of the agent’s current capabilities.

Introducing ARACNE, a new LLM-based shell pentesting agent
Teaching
Stratosphere IPS
Czech Technical University in Prague’s ...

We are thrilled to announce that, for the first time, the Czech Technical University in Prague is offering the "Introduction to Security" course as a Massive Open Online Course!

Czech Technical University in Prague’s "Introduction to Security" Class is now a Free Online Course!
Stratosphere IPS
Google Summer Of Code 2024 In Stratosphere. ...

This blog covers my ongoing GSoC project 2024. It provides information about the current progress of my work, as well as my experiences and lessons learned along the way.

Google Summer Of Code 2024 In Stratosphere. Blog for the first month of Sekhar Kumar Dash
Slips, GSoC2023
Stratosphere IPS
Announcing Google Summer of Code 2023 Projects

Stratosphere is happy to announce the accepted projects in the Google Summer of Code (GSoC) 2023!

Announcing Google Summer of Code 2023 Projects

Paper: A Study of Machete Cyber Espionage Operations in Latin America

On Wednesday, October 2, at the 29th Virus Bulletin International Conference (VB2019) in London, our researchers Veronica Valeros, Maria Rigaki, Kamila Babayeva and Sebastian Garcia will present the results of more than 3 years of studying and tracking the Machete APT in their talk “A Study of Machete Cyber Espionage Operations in Latin America”.

Hexa Payload Decoder Tool: A Tool To Automatically Extract and Decode Hex Data in C&C Servers

Hexa Payload Decoder Tool: A Tool To Automatically Extract and Decode Hex Data in C&C Servers

In this blog post we introduce the “Hexa Payload Decoder Tool”, a tool that is able to process a pcap file and return any decoded characters translated to English. This tool was developed to assist the network security analyst when working and interpreting data sent and received by command and control servers used by malware.

Upcoming Talk: A Study of Machete Cyber Espionage Operations in Latin America

On Wednesday, October 2, at the 29th Virus Bulletin International Conference (VB2019) in London, our researchers Veronica Valeros, Maria Rigaki, Kamila Babayeva and Sebastian Garcia will present the results of more than 3 years of studying and tracking the Machete APT in their talk “A Study of Machete Cyber Espionage Operations in Latin America”.

,

DEFCON 2019. Beyond Sandboxes. How to Execute IoT Malware and Analyze its Evolution

,

We presented a talk at the Packet Hacking Village in Defcon titled "Beyond Sandboxes. How to Execute IoT Malware and Analyze its evolution. We showed how we designed and deployed an IoT malware execution laboratory to run malware for months and how we analyzed it to find novel attacks.

Project Ludus - Smart Honeypot Manager for Collaborative Defense

Project Ludus - Smart Honeypot Manager for Collaborative Defense

In this blogpost we introduce our tool which uses honeypots as a defense mechanism based on the game theoretical model of behavior of the attackers. Ludus fully automates honeypot deployment and management and visualize results in the level of individual routers. [Read more]

IoT Honeypot Traffic Analysis Series. Analysis of Edimax IC-7113W, part 4

IoT Honeypot Traffic Analysis Series. Analysis of Edimax IC-7113W, part 4

In this IoT Honeypot Analysis Series, we focus on the traffic analysis of the Edimax IC-7113W camera. In this episode, we will continue with the analysis of the encrypted packets mentioned in the previous episode. Our goals for this blog post are:

  • to obtain the AES key from the Edimax server

  • to understand what happens with the communication after we obtain the AES key

  • to get a plaintext of the encrypted payload sent from the camera to the server

Summary of the Amparo-CERTUNLP Workshop in Neuquén, Argentina

On May 27-30 I participated as member of the CERTUNLP in a conference organized by the Government of Neuquén province in Argentina. Together with LACNIC in the frame of the Amparo Project we participated giving a workshop to other incident responders and members of CSIRTs. The event was very successful. The audience gathered individuals responsible for the security area of ​​many Argentine provinces as well as National Universities, representatives of local ISPs, banks and other public and private organizations. By Paula Venosa.

First Workshop on Attackers and Cyber-Crime Operations (WACCO) 2019

On June 20th will take place in Stockholm the First Workshop on Attackers and Cyber-Crime Operations (WACCO) as part of the IEEE European Symposium on Security and Privacy (EuroSP). WACCO is a great initiative that provides the opportunity for research, discussions, and sharing on cyber-criminal activities.

IoT Malware Analysis Series. An IoT malware dropper with custom C&C channel exploiting HNAP

IoT Malware Analysis Series. An IoT malware dropper with custom C&C channel exploiting HNAP

On February 28th, 2019 we infected one of our devices with the malware sample that most AV detect as Mirai. However, it was a bash script downloader that obtains and exacute an ARM ELF binary to attack others using the HNAP vulnerability in order to infect new bots.

Analysis of an IRC based Botnet

This blogpost aims to give an insight of an IRCBased botnet describing the network behavior and showing the analysis of the C&C. By analyzing this botnet network traffic it was possible to identify the botmasters using an IRC channel and observe not only the conversation between them but also the orders they give to the bot.

BlackHoodie Bootcamp #4 Wrap Up - Berlin 2018

his year we were lucky to be able to attend the 4th edition of the BlackHoodie Bootcamp in Berlin. BlackHoodie is a women-only reverse engineering [intensive] bootcamp, meant to introduce attendees to reverse engineering and other highly technical areas of information security in an intensive weekend. Born in 2015 with only 15 attendees, BlackHoodie has grown now to over 90 participants from all over the world.

Protecting the civil society through high quality research