Configuration Manager includes the device property and concept of UserDeviceAffinity, with which the Primary User of a device can easily be determined and referenced. But what if your environment does not have MECM in place? MECM is a lot of overhead for a small environment. How might one maintain this capability? Well, user log on…
PowerShell- Launch Applications With Other User Context Within Interactive Session
There are many reasons one might want to establish a workflow in which they can quickly launch PowerShell or the ISE with alternative credentials from their interactive session, such as executing a script with a more privileged user context. To do so, create a script like the one below: Then, create a shortcut to execute…
Azure – Malicious Authentication Emulation and Mitigation
The attack surface of a cloud tenant should get a lot of consideration. It is important to understand that some legacy protocols, like SMTP, are not capable of accommodating multifactor authentication; and, although they are largely being deprecated, we may still see them in use. Attackers are particularly fond of these legacy protocols, as they…
PowerShell – Indulging the Memosphere – Invoke-Tune Function
I let my curiosity get the better of me, and I put together a PowerShell function for the purpose of creating music using PowerShell’s built-in console beep feature. And, in the very essence of internet meme culture, I present to you my triumph—a PowerShell function that unleashes the timeless anthem of Rick Astley’s ‘Never Gonna…
PowerShell- UltimateOCD Update + Demo
For the gentleman requesting assistance with my UltimateOCD script, I have revised it further to allow you to easily provide some parameters like the target directory, directory exclusions, and a custom temporary directory path. In addition, I have revised the logic to use the “product” & “x.x.x” (version number) directories to detect Oracle client instances….
Build Your Own “Lab Hydration Kit”
When performing iterative development or testing work, it is critical to be able to quickly stand up a “clean slate” environment. The concept behind the hydration kit is to be able to rapidly “hydrate” a small Windows Domain to simulate a small enterprise environment: “Just add water!” When I am configuring an enterprise lab environment,…
Thoughts on Obfuscation of Botnet C2 Communications
This afternoon, while mountain biking, I was listening to a cybersecurity podcast about botnets. The gentleman on the episode was discussing detection of unknown botnets by looking at recurring patterns from the level of a dynamic DNS provider. A provider like this has incredible insight into web traffic on a global scale. The man described…
Homelab – SSD Types and VM Performance
The idea that Solid-State Drives (SSDs) have superior performance when compared to the Hard Disk Drives (HDDs) of yesteryear has become common amongst administrators. And, for many applications, SSDs have now proven themselves. Many administrators have not indulged beyond this concept. However, if you are building a machine with performance in mind, you might take…
Preliminary Batch Job Version – Ultimate Oracle Client Deinstaller
This is for the gentleman that kindly requested a modification of my UltimateOCD script to allow for batch deployment. Please note that this preliminary example is untested. I will be testing and revising in the days to come, but this may get you on the right track with some testing of your own. In the…
JavaScript – Bot Repellant – Obfuscation
For obvious reasons, it is not a good idea to have your contact information displayed in plaintext on the web. Web crawlers and bots do exist, and will use RegEx to pick emails and phone numbers out of client-side source like it’s a cakewalk. Now, ideally, your implementation of what I am dubbing “bot-repellant”, would include server-side…