aws AWS Threat Detection & IR Re:Inforce 2021 Presentation Notes When “Auto-Enable” is turned on in Organizations from a root account, the services below are enabled on new and existing member accounts. A brief touchpoint on each AWS security-related service
aws ssh... Quiet Down Now As we all know, AWS provides great solutions to a vast number of common technical problems. One such solution excited me as a Security-focused AWS Architect recently, and I wanted to share
infosec ☁️ Compliance Pt. I This post is about my experience while covering the infamous cloud shared responsibility model. I'm writing this because it's 2021, and people still often assume because they're utilizing an IaaS/PaaS offering it's
devops Sailing the AWS IaC Seas Infrastructure as Code is an incredibly valuable solution with a ton of applicable use cases in modern cloud practices. Oftentimes I'm approached to build out solutions from scratch or from existing cloud
hackthebox HackTheBox - Resolute | Write-up Tools: impacket - sudo apt install -y python-impacket; evil-winrm - git clone https://github.com/Hackplayers/evil-winrm; cd evil-winrm; gem install evil-winrm. Foothold: enum4linux 10.10.10.169 From the output, I obtained both a list of
infosec HackTheBox - Forest | Write-up Tools: bloodhound - sudo apt install python-pip; pip install bloodhound; impacket - sudo apt install -y python-impacket; evil-winrm - git clone https://github.com/Hackplayers/evil-winrm; cd evil-winrm; gem install evil-winrm. Foothold: nmap -v -sV -sS -T5 10.
Kubernetes Cluster w/ Vagrant, conjure-up, juju on AWS This guide is for those looking to configure a K8s cluster for testing purposes on AWS. It leverages Vagrant/Ubuntu/conjure-up/juju to provision a cluster on nearly any cloud provider in 10
devops Kubernetes Self Hosted Home Lab This post covers how to install Docker & Kubernetes on Windows 10 Pro/Ent using Hyper-V/PowerShell/Chocolatey. Ensure Hyper-V features are enabled before proceeding. All commands are run via PS. — Docker Setup
windows Domain Auditing for Microsoft AD/GP This post covers domain reporting via PowerShell to HTML for compliance change reporting purposes. The following is written to provide guidance and transparency for those seeking out simplistic answers to complex compliance requirements.
devops CDN Features w/ Cloudflare The following content is a summary of the security features Cloudflare offers to help mitigate web hosting risk. Cloudflare is a Content Delivery Network that focuses on simplicity and ease of use. In
devops SysOps AWS Certification Preparation This post covers how I prepared for the test, and the resources I used. After using AWS for 5 years I decided achieving and attaining this would be something beneficial. I enjoy using
infosec DUO MFA for RADIUS VPN Connections This post covers implementation for MFA via firewall VPN connections using RADIUS authorization. 1.) Log into your DUO admin panel and create an application for RADIUS. 2.) Install the DUO Auth Proxy client
tools Link Dump Ransomware Decryptors: https://www.watchpointdata.com/ransomware-decryptors Open Source Cyber Security News: https://n0where.net/ Secure Yourself or the Enterprise: https://decentsecurity.com/ Virus Scan File or URL: https://www.virustotal.com/ Hacker
windows Nano Server 2016 Image Creation I recently took a dive into Nano Server 2016 and its capabilities. I figured I'd share my findings and explain how to get exposure and set up Nano Server. You'll need: Nano Server Image
windows PXE Boot Surface MDT/WDS This is a simple how-to for booting Surface Pro 4s to PXE. This guide utilizes both PXE and UEFI on a Windows MDT/WDS setup. Verify the following DHCP roles are configured on
devops AWS Tools This is a collection of 3rd party AWS tools for multiple security-related tasks. Defensive: ScoutSuite: https://github.com/nccgroup/ScoutSuite Prowler: https://github.com/toniblyx/prowler CloudMapper: https://github.com/duo-labs/
windows Security Practices to Preach A guess to better security posture and practices. Defensive Security is a critical and effective way of thinking. In this post we'll cover it from a domain perspective aka corporate network. I'll go
infosec Windows 10 Privacy Hardening This covers removing the default trackers and data collection methods included with a default installation of Windows 10 across all versions. I've been asked by colleagues to write down my process for hardening
windows Windows 2016 Domain Controller Setup This guide assumes you have a hypervisor and VMs and/or physical boxes to support setup. This guide uses a fresh install of Server 2016. Install the following roles by opening up server
devops MSSQL .BAK Encryption This post goes over TSQL commands to set up and test encrypted backups for MSSQL. Commands provided are intended to be run on both a Source and Target instance. These should be run using
devops Drupal/WordPress Environment w/ Docker This tutorial assumes you have Docker Toolbox installed and fully operational. Within Docker Quickstart Terminal get a copy of the latest MySQL image: $ docker pull mysql Start your MySQL container running: $ docker run
windows Selenium Setup in Visual Studio This is a generalized guide for configuring Selenium on Windows. Create a directory named Selenium under C:\. Copy the directory downloaded from http://docs.seleniumhq.org/download/; in this example I'm setting up
windows Chocolatey w/ PsExec for Patch Management This post covers deploying Chocolatey to enterprise devices. The idea is to provide a solution for 3rd party product patching that's both free, and automated. To start you'll need domain admin privileges and
devops FrankenClam for Windows (ClamWin/ClamAV and Yara) This guide is for piecing together an open-source solution to trigger AV + macro detection upon file upload within web applications. Installed Software: http://www.clamwin.com/content/view/249/1/ https://www.python.
infosec AntiXSS for ASP .NET Common attack vector defense for Windows Server web applications. This can be done and implemented with NuGet for continuous integration. Add the following to the httpRuntime tag in your config. If the following