simulation. Running attack simulations internally is very important to build/improve security posture. C2 servers are very common in the wild so...
Exploring Data Exfiltration
Data exfiltration is a concern for most organizations. Protecting your data from prying eyes is hard enough but keeping it on your network; now that’s a challenge. With technology continuing to advance, we are forever moving to cloud this and cloud that. Because we can’t live in a world with only using one company, our data is scattered around the web like nobodies business.
Phishing Posters
After the Facebook leak [BBC.co.uk] my phone has been getting smishing messages non stop. If I can help prevent one person from clicking that next link, it will be worth it.
Exnoscan
Exnoscan is a simple bash script that can help you identify gaps. We often monitor what we know, so Exnoscan aims to identify what you don't.....
Building an NSG logger
My first attempt at a logger was for short term. It became apparent quite quickly that this wouldn't be a long standing solution to avoid the log analytics costs......................
View Azure NSG Flow Logs In Powershell
Azure can be chatty at the best of time and NSG flow logs are no exception. With this large volume comes cost and ingesting them into your SIEM may add to the pocket. Because of this, I created a simple script to display the NSG logs in a standard format.....
The not so isolated risk of legacy systems
Unfortunately, in today’s world, it is not just Vladimir Putin running Windows XP. Many continue to run the risk of keeping legacy systems within their production environment. I imagine for most; this has run through some sort of internal process where the risk has been accepted. If you yourself work within IT, it would be … Continue reading The not so isolated risk of legacy systems
Brute Force Web Logins
If you have a login page which is reachable over the internet, at some point it's going to get attacked. The reason why is because it can be extremely easy for attackers to do so....
Active Directory Scripts
I've created a bunch of Active Directory scripts to help identify attack points or stale accounts. This can be used for both, Blue and Red team members as they dive into abusable privileges....
RedRabbit Update
Find the latest here: https://github.com/securethelogs/RedRabbit
Phishing.web.core.windows.net
EvilGinx is a prime example of some of the amazing tools out there that came be used for Phishing. If you haven't heard of it, EvilGinx was release a few years back and showed us a weak point in 2FA. For most back then, MFA was a sure way to thwart the bad guys and it make the system or user account "impenetrable".....
