Configure Office365 as a Service Provider in a federation and use Fortinet as Identity Provider. @Fortinet #fortinet #SAML @Office365 #federation @AzureSupport #cloud #cloudsecurity # #fortinet

Hi, a hole different topic today. On the table is federation. In this case we want a third party solution to handle authenticate to Office365. Then we can control all the login function in our own product. Federation talks a specific language that is called SAML ( Security Assertion Markup Language ).More information regarding SAML... Continue Reading →

26 October, 2020 1

Install PowerShell on Ubuntu 20.04 and add support for AzureAD. #powershell @ubuntu #linux @Microsoft @Azure #linux-guy-try-windows

Hi I want t run PowerShell on my Ubuntu machine and also add support for Azure. Because soon I will try to set up some federation in Azure. Below is from Microsofthttps://docs.microsoft.com/en-us/microsoft-365/enterprise/connect-to-microsoft-365-powershell?view=o365-worldwideIt is in Swedish but It says that Ubuntu 20.04 is not supported. I will be supported in the 7.1 release. The screenshot is... Continue Reading →

21 October, 2020 2

Installing Crowdsec on my hacking rig. How to block unwanted connections. Like bruteforce attacks on ssh. @Crowd_Security @DanielMiessler #hacker #bruteforce #ssh #cybersecurity #Security

I was reading on Daniel Miessler website and got really excited about his article about replacement to fail2ban. https://danielmiessler.com/study/crowdsec/?mc_cid=970356fcef&mc_eid=fa6207cba8 ). Please subscribe to his newsletter, really nice reading. Daniel explains this application in detail and I want to show how I did the installation on my machines. Some difference are there. I wont say it... Continue Reading →

21 October, 2020 2

How to install and run Salt from @SaltStack in my hacking rig. @VMware @thehackscast @thatch45 #saltconf @DjJimmyChunga #hacker #automation

Hi again! Today we are gonna take a look at Salt from Saltstack. On Sunday I was walking the dog and was listening to the podcast thehacks. I got very inspired by the podcast and wanted to really try this. I have never seen this product before. I have done some other tests in my... Continue Reading →

20 October, 2020 0

Installing Microsoft Edge dev version on ubuntu 20.04. @MicrosoftEdge @EdgeDevTools @ubuntu #linux #ubuntu

Finally (can I say that?) it is edge time on Linux. Really straight forward to get Edge on you Ubuntu 20.04. But I will put this out anyway! This is a dev version so there will be functions that will not work yet. Download package from Microsoft: https://packages.microsoft.com/repos/edge/pool/main/m/microsoft-edge-dev/ Install from cli sudo apt-get install ./microsoft-edge-dev_88.0.673.0-1_amd64.deb... Continue Reading →

20 October, 2020 0

Install LogonTracer in my hacking rig. #blueteam @jpcert_en #LogonTracer #ubuntu #linux #infosec #logging #hacking @Docker #logontracer @neo4j

It is time to test LogonTracer from @jpcert_en you can get your copy from https://github.com/JPCERTCC/LogonTracer From the website:LogonTracer is a tool to investigate malicious logon by visualizing and analyzing Windows active directory event logs. We start with a new installation of ubuntu. The servername for this is Logon. The installation is not in this post.... Continue Reading →

19 October, 2020 0

Add linux and windows machines to SecurityOnion Kolide Fleet @securityonion #opensource #qsquery #fleet @Kolide #linux @BHinfoSecurity

We have now come so far that we want to add things in my installation of SecurityOnion. And we will start with how to add Linux and Windows boxes to Kolide Fleet. I do not know if this is the right way but after a couple of hours I was able to see the vm:s... Continue Reading →

19 October, 2020 2

Installing Security Onion 2.3 in my hacking rig. @securityonion #opensource @Elasticsearch #zeek #grafana #qsquery #wazuh #thehive #playbook #kibana #squert #snort #cortex #fleet #suricata #logstash @BHinfoSecurity @elastic @TheHive_Project @grafana

I must thank @BHinfoSecurity to get my interest in this. There webinars is great, especially 30 minutes before the real webinar begins.Now lets get started. As you have seen I did installation of 16.04 version before. My mistake, to tired! No I have to do this again with the new version. Like 16.04 version this... Continue Reading →

18 October, 2020 2

Installing Security Onion 16.04 in my hacking rig. @securityonion #opensource @Elasticsearch #zeek #kibana #squert #snort @BHinfoSecurity @debthedeb

Hi, now after some other installations in my "lab" it is time to look at logging. I got really inspired by webinars from BlackHills, so a big shout out to them. They are doing great work to spread there knowledge to others!And soon I WILL get my backdoor and breaches card game! I do not... Continue Reading →

18 October, 2020 1

How to update my hacking rig (Linux and Windows) using ansible. #ansible #ubuntu #linux #infosec #windowsupdate #hacker #automation

I have my vm:s up and running now, but I like my rig to be patched and updated, even if I only have 7 machines I want to centralize update procedure. I have chosen to do this with Ansible. As this is a demo site that I am setting up. Security of some configuration is... Continue Reading →

16 October, 2020 0

Hachcat benchmark numbers with a VM with Tesla M60 card PCI passthru. #ubuntu #linux4hackers #hashcat #linux #infosec #hacking #pentest #pentesting #redteam #invida #teslam60

I am running hashcat in a VM (ubuntu 20.04) with a PCI passthru NVIDIA TeslaM60 card. This is my first rig with a graphics card so I have no referense to the numbers below. But here is my benchmark test so you can compare. Running Cuda so I can access all memory on the card.... Continue Reading →

12 October, 2020 0

How to access internal machines with ssh tunneling. Tunnel rdp thru a jumpstation with ssh. #infosec #hacking #pentest #pentesting #redteam #linux4hackers #kali #parrotos #linux #linux4hackers #ssh

This is follow up of the previous post regarding my rig. How do I access this where ever I am? I use SSH tunneling for that. If I loose connection for some reason I always use tmux on the target so I can reconnect to the same session as before. We start with a picture,... Continue Reading →

12 October, 2020 0

How did I create hacking rig for ethical hacking. Based on VMware with Tesla M60. #infosec #hacking #pentest #pentesting #redteam #hackthebox #tryhackme #linux4hackers #ctf #kali #parrotos #linux #godaddy #linux4hackers

My goal with this project was to create a hacking rig that I can use when doing hackthebox, tryhackme and other ctf:s. I was lucky to get my hands on a server with Tesla M60 card. My other goal was also to have a server that I can use in phishing tests, and show others... Continue Reading →

12 October, 2020 0