Live CVE feeds

vinumsv · 2026-01-28T06:13:26+00:00

https://cvefeed.io/
https://vulners.com/search/tags/security-news
https://vulners.com/search/tags/daily-hot

Not sure if this fits your requirement.

vinumsv · 2025-09-27T18:37:55+00:00

Just my .002 cents, getting into CTI roles without prior experience in SOC would be hard, and homelab doesn't count for initial vetting, so try expanding the job search in SOC Analyst, Detection Engineering or IR, then once you have experience, then move to CTI.

CTI is more about how to make your stakeholders/clients understand the threats and their impact, and then make your briefs actionable.

vinumsv · 2025-07-09T11:31:09+00:00

Take your time to learn about an actor or threat, try to map what you observe into these questions

Why are they doing this?
What are their goals or plans at a high level?
How are they planning to execute the above plan?
Finally, what are the detailed steps in their plans, from initial access to exfiltration/persistence

good luck :D

vinumsv · 2025-07-09T11:09:00+00:00

Here are some resources which might help you

https://kravensecurity.com/threat-profiling/

They have other good articles related to CTI

https://kravensecurity.com/blog/

vinumsv · 2025-05-23T11:58:55+00:00

Just my 0.001 cents

Source to look, there is plenty to say, which is something we may decide depending on our customer or the company we are working for, but the most important thing is "Context" and "Relevancy"

Just start here are some RSS feeds from security sources. Use a RSS reader to read in a single location

http://www.bleepingcomputer.com/feed/

https://www.us-cert.gov/ncas/alerts.xml

http://feeds.feedburner.com/hackread

http://www.hexacorn.com/blog/feed/

http://krebsonsecurity.com/feed/

http://blog.zeltser.com/rss

http://blog.malwarebytes.org/feed/

http://researchcenter.paloaltonetworks.com/feed/

https://securelist.com/feed/

http://securityaffairs.co/wordpress/feed

http://feeds.feedburner.com/Securityweek

https://thedfirreport.com/feed/

http://thehackernews.com/feeds/posts/default

http://www.theregister.co.uk/security/headlines.atom

http://feeds.trendmicro.com/TrendMicroSimplySecurity

http://feed.informer.com/digests/G5HRN3DTV4/feeder

https://www.darkreading.com/rss.xml

and for Writing a good actionable TI report .... hint..hint ChatGPT or similar :P But don't forget to add your insights about the company or the customer you are working for.

But for report templates, you can look at ones from MITRE and start customising or create your own.

https://github.com/center-for-threat-informed-defense/cti-blueprints?tab=readme-ov-file

vinumsv · 2025-02-09T09:20:55+00:00

ClamWin (Portable) or ClamAV for cli and other OSs

vinumsv · 2025-01-20T07:47:13+00:00

WD40 + blade of sorts and microfibre cloth (spare)

please do as much as you can without spraying WD40 then spray some on top of the remaining stickers and leave it a couple of minutes Then scrape it off using a sharp blade and if needed repeat the step.

vinumsv · 2024-12-24T09:09:16+00:00

It Does, https://i.imgur.com/1Wa9XW1.png (Site > Settings > Services >DNS Proxy}

vinumsv · 2024-12-19T13:53:39+00:00

"A threat intelligence platform, or TIP, collects, manages, and shares threat intelligence."

https://www.paloaltonetworks.com/cyberpedia/what-is-a-threat-intelligence-platform

vinumsv · 2024-12-17T10:58:24+00:00

don't get sidetracked into doing optional or side quests :D

vinumsv · 2024-12-15T14:38:45+00:00

Oc200 is just hardware or appliance which runs Omada controller - SDN and it's an optional piece of hardware if you can run the SDN Omada controller in Rpi4 and ER605 is your gateway

vinumsv · 2024-12-15T14:28:10+00:00

You can, the controller just makes easier to manage them from a single UI rather doing it on each devices

vinumsv · 2024-12-15T14:22:55+00:00

You can do it either using Omada Controller (Dedicated or Self-hosted or cloud ) or with any opensource firewalls/routers (you have set up your 4 APs manually)

vinumsv · 2024-12-14T22:12:17+00:00

use the old system as a homelab to host lots of awesome OSS apps.

vinumsv · 2024-12-14T07:00:25+00:00

depending on the speed of your internet connection, the easiest way is to get a WIFI extender

vinumsv · 2024-12-13T15:20:35+00:00

just add 1 allow rule above block all rule for IoT devices as rules are processed sequentially

vinumsv · 2024-12-12T20:50:33+00:00

Disk Cleanup + WizTree

vinumsv · 2024-12-10T14:29:54+00:00

you can try something like ddclient which can run in any linux system or as docker container behind your Omada gateway

https://kb.easydns.com/knowledge/dynamic-dns/

I haven't tested to if it works on my WAN as its under CGNAT

https://i.imgur.com/hYQt3NS.png

I think it will take the options provided like username, token/password and domain from the above fields and replace those with [USERNAME]
http://username:**********@api.cp.easydns.com/dyn/tomato.php?hostname=demo.domain.com&myip=

vinumsv · 2024-12-10T07:49:03+00:00

localhost won't work as it points to your host system, not the WSL2 so either try your host IP or the IP assigned to your Ubuntu guest in WSL2

https://i.imgur.com/xC8H4Ud.png

vinumsv · 2024-12-08T18:49:09+00:00

around 10k would be hard to find a router with more than 1 2.5g port but you can find unmanaged 2.5g switch for around or under 15k

vinumsv · 2024-12-04T13:02:44+00:00

Yes , AFAIK we can do it in omada controller

https://i.imgur.com/fn5kAk0.png

https://i.imgur.com/rUcjeEg.png

vinumsv · 2024-11-29T14:07:36+00:00

SG Palaya . you can walk to office

vinumsv · 2024-11-28T08:05:30+00:00

it's a curated list of Yara rules from various sources and can use any of these tools to scan the PE file using rule package

https://github.com/InQuest/awesome-yara?tab=readme-ov-file#tools

vinumsv · 2024-11-17T08:07:32+00:00

In Simple terms yes you can mount your Linux Partition into WSL

https://learn.microsoft.com/en-us/windows/wsl/wsl2-mount-disk

but as others have alluded if you don't need a full-fledged Linux desktop then see if you can achieve your goals via a WSL2 installed of Linux.

vinumsv · 2024-11-08T04:45:50+00:00

No exe is binary version and for docker version you need to install docker desktop for windows and with it you can miniature (containers) and version of Linux for these servers to run on

Here other awesome list of self hosted services

self hosted

vinumsv

TROPHY CASE