Mike

I started developing a Cybersecurity Newsletter for those around me (parents, colleges, etc.) and was told it would be a good weekly addition here. The notes below each headline are my own and

This appears to be a somewhat recent problem, and when searching for an answer, a lot of posts reference solutions or VMWare KB's that don't help (enabling swap, checking inodes, etc.).This problem

TL;DR - I wanted to audit for the presence of a particular username, with a particular password, across every endpoint in our environment. As usual, I had a theory. The theory was

I've been in need of a tool that would take two different sets of port numbers, and subtract one set from the other. This would be similar to comm -13, but would be

I found a really cool thing several months ago. I was scanning my network from an external perspective (AWS specifically), and found a live host. The very odd thing about this finding is

I'm re-posting something from redleg/Memory Sieve regarding HP firmware upgrades. In their case, it was a matter of not being able to install the latest firmware package. However, in my case I

While reviewing Windows RDP event logs for the RDP project, I noticed one in particular. Windows Event ID 1029 can be found under Microsoft-Windows-TerminalServices-RDPClient/Operational.evtx. This event is created on the computer

This isn't exactly undocumented, but I definitely feel like it's underdocumented. I've seen the metasploit browser_autopwn feature in the modules in the past, but what I didn't realize until recently is that

I recently wanted a video of a large amount (lets say 24 hours worth) of footage from my Ubiquiti UniFi camera. If you're doing 24/7 recording, the NVR interface chunks videos into

I've had the need in the past to run dirb (dirbuster like web directory brute force tool) against a range targets. However, dirb only takes a single host as an argument. It would

The TL;DR up front, because I hate buried leads. Microsoft created an undocumented API that gave incident handlers, forensic teams, and blue teams a tool that they have long wished for and

Instead of chmod -R ./ 664 * inside a script, I just ran chmod -R / 664 *. Worse, this was inside AWS, no directly console access. Woops... This isn't the worst thing to recover from if

Windows 10 1803 x2 - vanilla install, all commands run from elevated prompt Ever want to find out what Windows Event Logs are created by a particular action? There doesn't seem to be

There's a few articles and exploits out there where EternalBlue has been found to work on Windows XP. However, the metasploit framework does not seem to have a reliable exploit for it. I

One of the only things holding me back from using Firefox over Chrome was the behavior of the tabs. I absolutly hated having to scroll back and forth to find a tab, and

Nmap can take script arguments in a fashon such as the following nmap -Pn -sU -sS --script "smb* and not smb-brute and not smb-flood and not smb-psexec and not smb-enum-shares" -T4

One thing that continues to amaze me is that anytime something like this hits the news, IOC's are limited to what files (by name) it drops. Ya know what's even more useful? Hashes,

I've seen the python pty trick in a few places, first when taking OSCP labs. However, if you've noticed there's still some problems. 2 years ago at HackFest @r00k did a presentation where

This is a problem I've run into several times in the past, so I wanted to document this a bit. While processing certificate signing requests (CSR's) I've occasionally had external entities send the