The attack surface of a cloud tenant should get a lot of consideration. It is important to understand that some legacy protocols, like SMTP, are not capable of accommodating multifactor authentication; and, although they are largely being deprecated, we may still see them in use. Attackers are particularly fond of these legacy protocols, as they…
Month: July 2023
PowerShell – Indulging the Memosphere – Invoke-Tune Function
I let my curiosity get the better of me, and I put together a PowerShell function for the purpose of creating music using PowerShell’s built-in console beep feature. And, in the very essence of internet meme culture, I present to you my triumph—a PowerShell function that unleashes the timeless anthem of Rick Astley’s ‘Never Gonna…
PowerShell – UltimateOCD Update + Demo
For the gentleman requesting assistance with my UltimateOCD script, I have revised it further to allow you to easily provide some parameters like the target directory, directory exclusions, and a custom temporary directory path. In addition, I have revised the logic to use the “product” & “x.x.x” (version number) directories to detect Oracle client instances….
Build Your Own “Lab Hydration Kit”
When performing iterative development or testing work, it is critical to be able to quickly stand up a “clean slate” environment. The concept behind the hydration kit is to be able to rapidly “hydrate” a small Windows Domain to simulate a small enterprise environment: “Just add water!” When I am configuring an enterprise lab environment,…
Thoughts on Obfuscation of Botnet C2 Communications
This afternoon, while mountain biking, I was listening to a cybersecurity podcast about botnets. The gentleman on the episode was discussing detection of unknown botnets by looking at recurring patterns from the level of a dynamic DNS provider. A provider like this has incredible insight into web traffic on a global scale. The man described…