Introducing the TippingPoint SMS Integration

Using a combination of technologies such as deep packet inspection, threat reputation, and advanced malware analysis, the TippingPoint Threat Protection System provides enterprises with a proactive approach to security.

The integration allows analysts to issue block requests to the TippingPoint IPS directly from the InQuest UI.

Latest InQuest™ Blog Posts

Get The Most Out Of Your IoC: The Beginner’s Guide

Posted on 2020-06-30 by Nick Chalard

So you want to add a little spice to your indicators of compromise. After all, an IoC without context or attribution is very much like when you learn what hot is. There are many tools available for us to determine how “hot” an IoC is without burning ourselves. We will be focusing mainly on what we can access publicly and use for free. As we dive in, I am sure a lot of this will be familiar or obvious for most, but let me say this for all you new people. I have one rule: everyone pivots, no one clicks.

InQuest Machine Learning: Augmenting human analysts to tackle the ever-increasing talent gap

Posted on 2020-06-15 by Steve Esling

InQuest’s philosophy when tasked with this problem is a sort of “buddy cop” approach, with humans forming teams with ML-generated models to cover each other’s backs. This is augmented by InQuest’s unique DFI capability, allowing raw data to be efficiently processed into as much useful information as possible for its organic and artificial learners to grow from.

InQuest™ Labs Research Spotlight

Blackhat & Violent Python 3

Source code from the books "Black Hat Python" and "Violent Python" fully converted to Python 3 and reformatted to comply with PEP8 standards.

tensorflow

TensorFlow has a comprehensive, flexible ecosystem of tools, libraries, and community resources that lets researchers push the state-of-the-art in ML and developers easily build and deploy ML-powered applications.

stoQ

stoQ is an automation framework that helps to simplify the mundane and repetitive tasks an analyst is required to do.

Global Security Events

Hijacking DLLs in Windows

DLL Hijacking is a popular technique for executing malicious payloads. This post lists nearly 300 executables vulnerable to relative path DLL Hijacking on Windows 10 (1909), and shows how with a few lines of VBScript some of the DLL hijacks can be executed with elevated privileges, bypassing UAC.

Engineering antivirus evasion

This blog post documents some aspects of our research on antivirus software and how we managed to automatically refactor Meterpreter to bypass every AV/EDR we were put up against.

A Legion of Bugs Puts Hundreds of Millions of IoT Devices at Risk

Experts have warned for years that the drive to connect every device imaginable to the internet would offer a bonanza for hackers. Now researchers have found that one chunk of software designed to enable those internet connections is itself riddled with hackable vulnerabilities.

InQuest™ Insider - Your monthly resource for the latest in cyber security news, trends, tips and tools.
Copyright © InQuest™ 2020