It’s been a while since my last post! Life and work got in the way, but I’m back and hoping to put out many more posts this year! Now, let’s dive into this amazing course—Practical Windows Forensics from TCM Security, taught by Markus Schober. If you're interested in Windows forensics, digital investigations, and incident response,...
Elevate your web services with high availability clusters and HAProxy load balancing! 🚀 Discover the synergy that ensures seamless operations.
Hi! I am on a strike! This time we are diving into HAProxy and how to make a highly available cluster with HAProxy. We start off with the big steps: install the OS (Ubuntu in my case); configure the HA cluster with keepalived; install HAProxy; test. Goal: I wanted a proxy solution that had failover, so I...
Attending Cyber Threat Hunting Level 1 w/ Chris Brenton | 4-hours and want to run the VM in QEMU/KVM? This is how I got it to work. @ActiveCmeasures #activecountermeasures #AIHunter #ThreatHunting #Beacons #Activecountermeasures @Zeekurity
Hi all! If you are like me, attending the Threat Hunting Training Course named Cyber Threat Hunting Level 1 w/ Chris Brenton | 4-Hours on Thursday, and want to run the virtual machine natively in QEMU/KVM, do it like this. Download and read the link below! https://www.activecountermeasures.com/cyber-threat-hunting-training-course/ As always, start with the short version! Convert...
Using MindMap application when doing pentest or ctf! Up for you to decide. #MindMaps #freesoftware #kali #linux4hackers #linux #infosec #hacking #pentest #pentesting #redteam @kalilinux #ctf #bugbountytips @insilmaril
I was thinking about a nice and easy way to save a penetration test and came up with this. Use a MindMap application. There are a lot of MindMap applications out there. I am running Linux on my machine, so I ended up with VYM (http://www.insilmaril.de/vym/). The nice thing about VYM is that it is free and comes...
Serverless Computing and Security what to think about. From @mwVme and @gilad_maayan #infosec #serverless #cloudsecurity #security
Really nice article about serverless computing and security problems that need to get addressed NOW. Found the article on the mwhite page, but this article was written by Gilad David Maayan, guest writer for the site. But do not forget to look at other posts from Michael White, good stuff! Link to the article from Notes...
Installing Crowdsec on my hacking rig. How to block unwanted connections. Like bruteforce attacks on ssh. @Crowd_Security @DanielMiessler #hacker #bruteforce #ssh #cybersecurity #Security
I was reading Daniel Miessler's website and got really excited about his article about a replacement for fail2ban (https://danielmiessler.com/study/crowdsec/?mc_cid=970356fcef&mc_eid=fa6207cba8). Please subscribe to his newsletter, really nice reading. Daniel explains this application in detail and I want to show how I did the installation on my machines. Some differences are there. I won't say it...
How to install and run Salt from @SaltStack in my hacking rig. @VMware @thehackscast @thatch45 #saltconf @DjJimmyChunga #hacker #automation
Hi again! Today we are gonna take a look at Salt from SaltStack. On Sunday I was walking the dog and was listening to the podcast thehacks. I got very inspired by the podcast and wanted to really try this. I have never seen this product before. I have done some other tests in my...
Install LogonTracer in my hacking rig. #blueteam @jpcert_en #LogonTracer #ubuntu #linux #infosec #logging #hacking @Docker #logontracer @neo4j
It is time to test LogonTracer from @jpcert_en. You can get your copy from https://github.com/JPCERTCC/LogonTracer From the website: LogonTracer is a tool to investigate malicious logon by visualizing and analyzing Windows active directory event logs. We start with a new installation of Ubuntu. The server name for this is Logon. The installation is not in this post....
Add linux and windows machines to SecurityOnion Kolide Fleet @securityonion #opensource #qsquery #fleet @Kolide #linux @BHinfoSecurity
We have now come so far that we want to add things to my installation of SecurityOnion. And we will start with how to add Linux and Windows boxes to Kolide Fleet. I do not know if this is the right way, but after a couple of hours I was able to see the VMs...
Installing Security Onion 2.3 in my hacking rig. @securityonion #opensource @Elasticsearch #zeek #grafana #qsquery #wazuh #thehive #playbook #kibana #squert #snort #cortex #fleet #suricata #logstash @BHinfoSecurity @elastic @TheHive_Project @grafana
I must thank @BHinfoSecurity for getting me interested in this. Their webinars are great, especially the 30 minutes before the real webinar begins. Now let's get started. As you have seen, I did an installation of the 16.04 version before. My mistake, too tired! Now I have to do this again with the new version. Like the 16.04 version, this...