tools - Nom. Tech. Bytes.

Nom. Tech. Bytes.

Sign in Subscribe

tools

A collection of 12 posts

Falco for Runtime IDS

infosec Featured

Falco for Runtime IDS

The ability to enable and drive creative thought through technical exploration will always be exciting to me in practice. This post is no different and covers how the Falco ecosystem provides a quick and flexible solution of substance for IDS and threat detection purposes. At the time of this writing,

Enterprise AI Playgrounds?

Enterprise AI Playgrounds?

Recently, I found myself looking into options for running local AI models which leveraged my home lab. The adoption of Ollama is heavily prevalent in many opensource options as an integration point. Jan continues to be developed and tweaked to support model parameter tuning with an incredibly straight forward GUI.

ARR Stack Homelab

ARR Stack Homelab

Securing AI & LLMs

Securing AI & LLMs

Those of us who've been around the block a few times find ourselves at yet another forefront in technology, and it's time to embrace the trend. Traditional machine learning has existed for quite some time, but the hype as of late is incredibly real. That said,

AWS IAM Recon

This post will focus on tools for performing IAM permission enumeration on AWS accounts. Custom, poorly written IAM roles and policies are some of the most common misconfigurations in regards to AWS architecture. That said, we'll discuss various resources that can help you breathe easier. First is MAMIP,

AWS EKS ASAP

EKS is a powerful CaaS solution for hosting k8s in AWS. Though setting up a cluster can be a convoluted task, this quick point of reference will help you strap on those elastic pants and get deploying. We'll first dive into what deploying EKS looks like and what

Sailing the AWS IaC Seas

devops Featured

Sailing the AWS IaC Seas

Infrastructure as Code is an incredibly valuable solution with a ton of applicable use cases in modern cloud practices. Often times I'm approached to build out solutions from scratch or from existing cloud environments using either CloudFormation (AWS IaC) or Terraform. Both these solutions present benefits in multiple

SysOps AWS Certification Preparation

SysOps AWS Certification Preparation

This post covers how I prepared for the test, and the resources I used. After using AWS for 5 years I decided achieving and attaining this would be something beneficial. I enjoy using AWS and think in terms of evolving the space they're still the go-to in 2019.

Link Dump

Secure Yourself or the Enterprise: https://decentsecurity.com/ Virus Scan File or URL: https://www.virustotal.com/ Hacker News: https://news.ycombinator.com/ KitPloit Pentest Tools: https://www.kitploit.com/ 0x00sec: https://0x00sec.org/ Thugcrowd: https://thugcrowd.com/

AWS Tools

A collection of 3rd party AWS tools. Defensive: Scout Suite: https://github.com/nccgroup/ScoutSuite Prowler: https://github.com/toniblyx/prowler CloudMapper: https://github.com/duo-labs/cloudmapper CloudTracker: https://github.com/duo-labs/cloudtracker PMapper: https://github.com/nccgroup/PMapper AWS Inventory: https://github.com/nccgroup/aws-inventory Offensive: fireprox: https://github.

Windows 10 Privacy Hardening

Windows 10 Privacy Hardening

This covers removing the default trackers and data collection methods included with a default installation of Windows 10 across all versions. I've been asked by colleagues to write down my process for hardening windows systems and share. Many of these people have extensive backgrounds in UNIX, but aren&

Chocolatey w/ PsExec for Patch Management

Chocolatey w/ PsExec for Patch Management

This post covers deploying Chocolatey [https://chocolatey.org/] to enterprise devices. The idea is to provide a solution for 3rd party product patching that's both free, and automated. To start you'll need domain admin privileges and just a couple minutes. First, we'll need psexec