tools - Nom. Tech. Bytes.

tools

A collection of 8 posts

AWS IAM Recon

This post will focus on tools for performing IAM permission enumeration on AWS accounts. Custom, poorly written IAM roles and policies are some of the most common misconfigurations in regards to AWS architecture. That said, we'll discuss various resources that can help you breathe easier. First is MAMIP, a simple

AWS EKS ASAP

EKS is a powerful CaaS solution for hosting k8s in AWS. Though setting up a cluster can be a convoluted task, this quick point of reference will help you strap on those elastic pants and get deploying. We'll first dive into what deploying EKS looks like and what additional resources

Sailing the AWS IaC Seas

devops Featured

Sailing the AWS IaC Seas

Infrastructure as Code is an incredibly valuable solution with a ton of applicable use cases in modern cloud practices. Often times I'm approached to build out solutions from scratch or from existing cloud environments using either CloudFormation (AWS IaC) or Terraform. Both these solutions present benefits in multiple ways and

SysOps AWS Certification Preparation

SysOps AWS Certification Preparation

This post covers how I prepared for the test, and the resources I used. After using AWS for 5 years I decided achieving and attaining this would be something beneficial. I enjoy using AWS and think in terms of evolving the space they're still the go-to in 2019. I'll share

Link Dump

Secure Yourself or the Enterprise: https://decentsecurity.com/ Virus Scan File or URL: https://www.virustotal.com/ Hacker News: https://news.ycombinator.com/ KitPloit Pentest Tools: https://www.kitploit.com/ 0x00sec: https://0x00sec.org/ Thugcrowd: https://thugcrowd.com/

AWS Tools

A collection of 3rd party AWS tools. Defensive: Scout Suite: https://github.com/nccgroup/ScoutSuite Prowler: https://github.com/toniblyx/prowler CloudMapper: https://github.com/duo-labs/cloudmapper CloudTracker: https://github.com/duo-labs/cloudtracker PMapper: https://github.com/nccgroup/PMapper AWS Inventory: https://github.com/nccgroup/aws-inventory Offensive: fireprox: https://github.

Windows 10 Privacy Hardening

Windows 10 Privacy Hardening

This covers removing the default trackers and data collection methods included with a default installation of Windows 10 across all versions. I've been asked by colleagues to write down my process for hardening windows systems and share. Many of these people have extensive backgrounds in UNIX, but aren't familiar with

Chocolatey w/ PsExec for Patch Management

Chocolatey w/ PsExec for Patch Management

This post covers deploying Chocolatey [https://chocolatey.org/] to enterprise devices. The idea is to provide a solution for 3rd party product patching that's both free, and automated. To start you'll need domain admin privileges and just a couple minutes. First, we'll need psexec installed on one machine within the