How-To

Ethan Robish, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101 Personal Security

Rotating Your Passwords After a Password Manager Breach

| Ethan Robish It’s been nearly a year since Lastpass was breached and users’ encrypted vaults were stolen. I had already migrated to a different password manager for all my […]

Read the entire post here

Beau Bullock, How-To, Red Team, Red Team Tools, Steve Borosh Azure, cloud, microsoft365

Introducing GraphRunner: A Post-Exploitation Toolset for Microsoft 365

By Beau Bullock & Steve Borosh TL;DR We built a post-compromise toolset called GraphRunner for interacting with the Microsoft Graph API. It provides various tools for performing reconnaissance, persistence, and […]

Read the entire post here

Alyssa Snow, Blue Team, External/Internal, How-To, Informational, Red Team, Red Team Tools Active Directory, exploit

Abusing Active Directory Certificate Services (Part 2)

Misconfigurations in Active Directory Certificate Services (ADCS) can introduce critical vulnerabilities into an Enterprise Active Directory environment, such as paths of escalation from low privileged accounts to domain administrator.

Read the entire post here

How Attackers Use SSH.exe as a Backdoor Into Your Network (5)

Alyssa Snow, Blue Team, External/Internal, How-To, Informational, Red Team, Red Team Tools Active Directory, exploit

Abusing Active Directory Certificate Services (Part 1)

Active Directory Certificate Services (ADCS) is used for public key infrastructure in an Active Directory environment. ADCS is widely used in enterprise Active Directory environments for managing certificates for systems, users, applications, and more.

Read the entire post here

How-To, Incident Response, Informational, InfoSec 201, Patterson Cake, Phishing csv data, M365, Microsoft 365, SOF-ELK, UAL, Unified Audit Log

Wrangling the M365 UAL with SOF-ELK and CSV Data (Part 3 of 3)

Patterson Cake // PART 1 PART 2 In part one of “Wrangling the M365 UAL,” we talked about acquiring, parsing, and querying UAL data using PowerShell and SOF-ELK. In part […]

Read the entire post here

How-To, Informational, InfoSec 201, Patterson Cake, Phishing BEC, Business Email Compromise, EC2, Exchange Online Management, M365, Microsoft 365, SOF-ELK, UAL, Unified Audit Log

Wrangling the M365 UAL with SOF-ELK on EC2 (Part 2 of 3)

Patterson Cake // In PART 1 of “Wrangling the M365 UAL,” we talked about the value of the Unified Audit Log (UAL), some of the challenges associated with acquisition, parsing, […]

Read the entire post here

How-To, Incident Response, InfoSec 201, Patterson Cake, Phishing BEC, Business Email Compromise, Exchange Online Management, M365, Microsoft 365, PowerShell EXO, SOF-ELK, UAL, Unified Audit Log

Wrangling the M365 UAL with PowerShell and SOF-ELK (Part 1 of 3)

Patterson Cake // When it comes to M365 audit and investigation, the “Unified Audit Log” (UAL) is your friend. It can be surly, obstinate, and wholly inadequate, but your friend […]

Read the entire post here

Blue Team, Blue Team Tools, General InfoSec Tips & Tricks, How-To, Incident Response, Informational, InfoSec 101, InfoSec 201, Troy Wojewoda DFIR

Welcome to Shark Week: A Guide for Getting Started with Wireshark and TShark

Troy Wojewoda // In honor of Shark Week1, I decided to write this blog to demonstrate various techniques I’ve found useful when analyzing network traffic with Wireshark, as well as […]

Read the entire post here

General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, Serena DiPenti

Shenetworks’ Guide to Landing Your First Tech Job

Serena DiPenti // Buckle up for this one because I’m about to give you A LOT of information. As someone who works in tech and creates tech content, I am […]

Read the entire post here

«‹ 6 7 8 9 ›»