Backround On April 12, 2022 Microsoft Announced CVE-2022-24500, a Windows SMB Remote Code Execution Vulnerability. The CVE clearly states that this vulnerability requires interaction from the end user. Fake Exploit A fake exploit was posted on May 18, 2022 to…
Here is a nice article on privilege escalation in Ubuntu 20.04:
Learn step by step how to export and import Okta SIEM logs in to your open source Graylog! After many failed attempts to import Okta SIEM logs in to Graylog (using Okta Documentation and some PowerShell scripts I found online)…
Here are some resources I am currently looking at: Penetration Tester’s Cheat Sheet
Goal: Whitelist an Entire Country with ipset For this article i’ll be referencing the github repository I set up at We have a few files there, specifically: * cidr_to_ipset.sh (a script to create an ipset ruleset) * Some example…
What to do when barnyard2 won’t log to the database…. Are you seeing something like this? [SignatureReferencePullDataStore()]: No Reference found in database … Full text: # /usr/local/bin/barnyard2 -c -d /var/log/snort -f snort.log -w Running in Continuous mode –==…
Product Review – Mandiant Highlighter Today we are looking at Mandiant Highlighter; Log and Text File Viewer Product home page can be found here Cost: Free! Overview MANDIANT Highlighter is a log file analysis tool. Highlighter provides a graphical component to log analysis…
Using TCP DUMP on windows This will cover how to use command line TCPDUMP on Windows. Software Windump Winpcap Examples windump.exe -Ap -s65535 port 80 > c:\example_dump.txt
To check if twitter acct hacked you can look at the recent pastebin posts ( page 1 | page 2 | page 3 | page 4 | page 5 ) and do a find for your username. Additionally a number of…
Let’s say you wanted to hash windows files against a known good set of hashes. Here’s how to do it! Required Tools md5deep nsrlquery You’ll also need a server to query against. Luckily Kyrus has provided a nsrlserver (beta), known…
