Clik here to view.
Using Posh-SecMod PowerShell Module to Automate Nessus (Part 3)
Listing Reports Available We can retrieve a list of the reports available on the Nessus Server and the information that they provide with Get-NessusReports function and we provide it a index for the...
View ArticleScript to Automate Metasploit Framework Installation
For some time now I have been maintaining guides for installing Metasploit Framework on OSX, Ubuntu and CentOS. I decided this weekend to write a script to facilitate going thru all the steps. The...
View ArticleFixin Raspistill and Raspivid for Headless Streaming on the Raspberry Pi
Recently I got 2 Raspberry Pi Camera modules for my Raspberry Pi boards for some projects I have in mind. I was sad to find out I could not stream unless I had a monitor connected to the Pi and after...
View ArticleDNSRecon 0.8.6 is Out!
Just updated DNSRecon to check if it can pull the Bind Version by doing a query for the TXT Record version.bind and it will now check if the RA Flag is set in responses from each of the NS servers it...
View ArticleClik here to view.
Stealing User Certificates with Meterpreter Mimikatz Extension
The Mimikatz extension on Meterpreter allows us to use the same commands we would on the standalone tool inside of Meterpreter as native commands. This blog post will cover specifically the stealing of...
View ArticlePowerShell for Security Professionals Class at Derbycon
On September 25 and 26 I will be teaching at Derbycon my class on Introduction to PowerShell for Security Professionals https://www.derbycon.com/training-courses/#intropower . To give a bit of...
View ArticleClik here to view.
Deploying EMET 4.0 in Small to Medium Environments using WSUS
The Enhance Mitigation Experience Toolkit (EMET) has to be one of the Microsoft security tools that I recommend the most to organizations of all sizes, friends and family do to that it helps curve in...
View ArticleClik here to view.
My New Home Lab Setup
After I posted in Twitter that I was building a second ESXi server for my lab I got quite a large number of replies and direct messages on what I used as a lab. Based on the interest I decided to write...
View ArticleGood Karma == Good Karma Plan
I would like to define my plan of self improvement for this year. The plan is a simple one: Good Karma == Good Karma Now what do I mean by it, as I participate more and more in the local and in the...
View ArticleMy Non-Tech Reading Recomendations
Recently I was talking with a friend about my favorite books in the areas of fun hacking fiction and books that have impacted the way I work and think so I decided to compile this list and share it....
View ArticleNever Stop Learning
Let's start with a simple question to ask yourself before you read the rest "how can I be better and more flexible?" even when we think we know what we need to do the job it does not mean we cannot...
View ArticleEnumeration using the Meterpreter ADSI Extended API Commands
Windows Meterpreter recently got some new capabilities thru the Extended API module by OJ Reeves also known as TheColonial. He added support for: Interacting with the Clipboard Query services Window...
View ArticleWhy I hate the "I can't" phrase
Let me share some personal details about my life so you can have a bit of context on why I hate the "Can't do" phrase. When I was born in the late 70s my umbilical cord was wrapped around my neck...
View ArticleReview of Rogue Code by Mark Russinovich
This is the third book in what is now called the Jeff Aiken Series that Mark has written the previous ones where Zero Day and Trojan Horse. Mark works for Microsoft as a Technical Fellow in the Cloud...
View ArticlePowerShell Tip: Working with Systme.Enum
Many times I find myself working with enumerators in .Net like System.Diagnostics.EventLogEntryType http://msdn.microsoft.com/en-us/library/vstudio/system.diagnostics.eventlogentrytype to het the names...
View ArticlePowerShell Tip: Validating IP Address as a Parameter
I find myself many times writing an Advanced Function that takes as its parameters only IP Addresses. A quick way I found for validating that an IP Address was passed is using the [IPAddress] Type...
View ArticleClik here to view.
Sysinternals New Tool Sysmon (System Monitor)
The new tool in the Sysinternal Suite released recently by Mark Russinovich and Thomas Garnier both from Microsoft is called Sysmon (System Monitor)...
View ArticleClik here to view.
Review of Countdown to Zero Day
I finished the Kim Zetter book on the airplane on the way back from several meetings where my work team and I discussed Industrial Control System security, malware and offensive toolsets among other...
View ArticleClik here to view.
Merging Nessus XML Reports with PowerShell
one of the most frequent tasks that friends have asked me is how can they merge Nessus XML reports. On this blog post I will cover how to do it using PowerShell. The process is very simple since...
View ArticleClik here to view.
Updating Group Policy Objects Remotely
One of the recommendations I always give people who ask my opinion on updating to new versions of Windows is that if you do upgrade or deploy new servers to always do your Active Directory Domain...
View Article