PowerShell Basics - Extending the Shell with Modules and Snapins
In PowerShell there are 2 main ways to extend the shell this are: Modules - A package that contains Windows PowerShell commands int he form of functions, cmdlerts and worksflows, in addition it may...
View ArticleClik here to view.
PowerShell Basics–Recommendations when Importing Modules
 In the last blog post we covered the basics of importing Modules and PSSnapins to extend the shell, this provides us great flexibility in terms of expandability but at the same time depending on how...
View ArticleClik here to view.
PowerShell Basics - Execution Policy and Code Signing Part 1
One will see in many places in Microsoft documentation and in several books out there that PowerShell has security system called Execution Policy, I personally do not agree this is a security measure...
View ArticleClik here to view.
Introduction to WMI Basics with PowerShell Part 3 (WQL and Select Data Queries)
Windows Management Instrumentation Query Language also known as WQL is the language we use to express queries against WMI to extract information from it. he language is like a stripped down version of...
View ArticleClik here to view.
PowerShell Basics - Execution Policy and Code Signing Part 2
In my previous blog post where I covered Execution Policy and Code Signing I mentioned that these steps where only useful for content that is downloaded from the internet and to prevent accidental...
View ArticleBSides PR
This past weekend BSides PR was held in the Puerto Rico Convention Center, this is the first Security Hacking Con in the island. Most conferences before this one have been vendor focus or the ones by...
View ArticleVI-ToolBox PowerCLI PowerShell Module
Recently I decided to migrate some of the PowerCLI (http://communities.vmware.com/community/vmtn/server/vsphere/automationtools/powercli) scripts I use for managing the lab at work and when I consult...
View ArticleClik here to view.
Using Posh-SecMod PowerShell Module to Automate Nessus (Part1)
About 2 months ago I was chatting with some of the members of one of the QA Teams at work and they where telling me about their workflows for automating the testing of code and hosts added to the lab....
View ArticleClik here to view.
Using Posh-SecMod PowerShell Module to Automate Nessus (Part 2)
Working with Policies Policies in Nessus is where we define what a scan is going to do from: What plugins to run. What types of plugin should run and which should not. Concurrency. Port Scanning...
View ArticleClik here to view.
Using Posh-SecMod PowerShell Module to Automate Nessus (Part 3)
Listing Reports Available We can retrieve a list of the reports available on the Nessus Server and the information that they provide with Get-NessusReports function and we provide it a index for the...
View ArticleScript to Automate Metasploit Framework Installation
For some time now I have been maintaining guides for installing Metasploit Framework on OSX, Ubuntu and CentOS. I decided this weekend to write a script to facilitate going thru all the steps. The...
View ArticleFixin Raspistill and Raspivid for Headless Streaming on the Raspberry Pi
Recently I got 2 Raspberry Pi Camera modules for my Raspberry Pi boards for some projects I have in mind. I was sad to find out I could not stream unless I had a monitor connected to the Pi and after...
View ArticleDNSRecon 0.8.6 is Out!
Just updated DNSRecon to check if it can pull the Bind Version by doing a query for the TXT Record version.bind and it will now check if the RA Flag is set in responses from each of the NS servers it...
View ArticleClik here to view.
Stealing User Certificates with Meterpreter Mimikatz Extension
The Mimikatz extension on Meterpreter allows us to use the same commands we would on the standalone tool inside of Meterpreter as native commands. This blog post will cover specifically the stealing of...
View ArticlePowerShell for Security Professionals Class at Derbycon
On September 25 and 26 I will be teaching at Derbycon my class on Introduction to PowerShell for Security Professionals https://www.derbycon.com/training-courses/#intropower . To give a bit of...
View ArticleClik here to view.
Deploying EMET 4.0 in Small to Medium Environments using WSUS
The Enhance Mitigation Experience Toolkit (EMET) has to be one of the Microsoft security tools that I recommend the most to organizations of all sizes, friends and family do to that it helps curve in...
View ArticleBSides PR
This past weekend BSides PR was held in the Puerto Rico Convention Center, this is the first Security Hacking Con in the island. Most conferences before this one have been vendor focus or the ones by...
View ArticleVI-ToolBox PowerCLI PowerShell Module
Recently I decided to migrate some of the PowerCLI (http://communities.vmware.com/community/vmtn/server/vsphere/automationtools/powercli) scripts I use for managing the lab at work and when I consult...
View ArticleClik here to view.
Using Posh-SecMod PowerShell Module to Automate Nessus (Part1)
About 2 months ago I was chatting with some of the members of one of the QA Teams at work and they where telling me about their workflows for automating the testing of code and hosts added to the lab....
View ArticleClik here to view.
Using Posh-SecMod PowerShell Module to Automate Nessus (Part 2)
Working with Policies Policies in Nessus is where we define what a scan is going to do from: What plugins to run. What types of plugin should run and which should not. Concurrency. Port Scanning...
View Article