Azure can be chatty at the best of times, and NSG flow logs are no exception. With this large volume comes cost, and ingesting them into your SIEM may add to the bill. Because of this, I created a simple script to display the NSG logs in a standard format…
I’ve created a bunch of Active Directory scripts to help identify attack points or stale accounts. These can be used by both Blue and Red team members as they dive into abusable privileges…
With malicious parties continuing to use PowerShell as their way in, I thought I would look into how it’s being used and what can be done to prevent it. This is something I’ve covered before, so think of this as a part 3…
I’ve combined all of my current scripts into one to allow easy execution.
To see the script, visit: https://github.com/securethelogs/Securethelogs/blob/master/README.md
PSBruteZip allows you to brute force your way into Zip files should you have forgotten the password. A pre-req is that 7-Zip is installed, as it uses their commands. Their function is better than Windows' (I find).