Domain Auditing for Microsoft AD/GP

This post is brought to you as short and sweet as possible. The following is written to provide guidance and transparency for those seeking out simplistic answers to complex compliance requirements. With expensive paid solutions such at Netwrix requiring setup time and hardware requirements. I'm here to tell you there's…

CDN Features w/ Cloudflare

The following is a summary of the security features Cloudflare offers to help mediate risk. Cloudflare is a Content Delivery Network that focuses on simplicity and ease of use. In order to setup, you create DNS records and follow a few incredibly easy steps. But what's this product give you…

SysOps AWS Certification Preparation

This cert was my first after 10 years professionally in the industry. It's a fun one that you shouldn't ever take literal. After using AWS for 5 years I decided achieving and attaining this would be something beneficial. I enjoy using AWS and think in terms of evolving the space…

DUO MFA for RADIUS VPN Connections

This covers implementation for MFA via firewall VPN connections using RADIUS for authorization. 1.) Log into your DUO admin panel and create an application for RADIUS.2.) Install the DUO Auth Proxy client on the server you wish to use to submit the RADIUS requests from. You'll specify the Integration…

Link Dump

Email Spoofer | File Encryption | Proxy Check | Proxy List | Skype IP Grabber:https://orcinustech.com/web-tools/index.phpRansomware Decryptors:https://www.watchpointdata.com/ransomware-decryptorsOpen Source Cyber Security News:https://n0where.net/Secure Yourself or the Enterprise:https://decentsecurity.com/Virus Scan File or URL:https://www.virustotal.com/Hacker News:https:…

Security Practices to Preach

This document is intended for readers with some experience in information technology.Defensive Security is a critical and effective way of thinking. In this post we'll cover it from a domain perspective aka corporate network. I'll go over each proposed layer of security and how to protect yourself as well…

Windows 10 Privacy Hardening

I've been asked by colleagues to write down my process for hardening windows systems and share. Many of these people have extensive backgrounds in UNIX, but aren't familiar with Windows environments. This post isn't for any reason other than to make you aware of what you're being mined for. It's…

MSSQL .BAK Encryption

This post goes over TSQL commands to setup and test encrypted backups for MSSQL. Commands provided are intended to be ran on both a Source and Target instance. These should be ran using an SA account to avoid permission issues. If storage paths don't work, just use c:\temp\ and…

FrankenClam for Windows (ClamWin/ClamAV and Yara)

This guide is for piecing together an opensource solution to trigger AV scans upon file upload within Web Apps.Installed Software: http://www.clamwin.com/content/view/249/1/ https://www.python.org/downloads/release/python-371/ https://github.com/VirusTotal/yara/archive/v3.8.1.zip https://github.com/zuphzuph/…

AntiXSS for ASP .NET

Common attack vector defense for Windows Server.This can be done and implemented with NuGet for continuous integration.Add the following to the httpRuntime tag in your config. If the following keys already exist, ignore those values:httpRuntime targetFramework="4.5" encoderType="System.Web.Security.AntiXss.AntiXssEncoder,System.Web, Version=…