Category: Cyber Security
-
Becoming Xstag0 ……
I’ve decided to shift away from the long waffling articles and posts, and start to focus my efforts back into building …. stuff. Because It feels like a new chapter, I thought why not…. name change. Welcome Xstag0. 😀 https://medium.com/@xstag0
-
Log4J – CrowdStrike RTR Script
Vendors are offering tools left and right since the Log4J fun ruined most peoples Christmas break. Amongst these Vendors is CrowdStrike……
-
CrowdStrike – On-Demand Scan v1
One of the downsides to CrowdStrike is no on-demand scanning. On one hand you can see why, on the other, you have use cases that need it…..
-
CS-MalQuery – Part 2
Github:https://github.com/securethelogs/Powershell/blob/master/CrowdStrike/CS-MalQuery.ps1 Since writing part 1 (Here), I’ve been looking into how to expand on the script. I had a thought… if I’m a user and have gotten to the point I’m running this script, I may need more information than if it’s just there. This made me add the Hybrid-Analysis API and Actors API from […]
-
CrowdStrike – MalQuery API
Github: https://github.com/securethelogs/Powershell/blob/master/CrowdStrike/CS-MalQuery.ps1 The MalQuery API from CrowdStrike helps their customers validate if the protection is there for a certain IOCs. Nowadays, we are bombarded with IOCs and because there are so many, for some, skimming through and extracting what they can block is more efficient than reading them all. Sometimes it’s good to see the […]
-
Bad Logic App – C2 Simulation
simulation. Running attack simulations internally is very important to build/improve security posture. C2 servers are very common in the wild so…
-
Exploring Data Exfiltration
Data exfiltration is a concern for most organizations. Protecting your data from prying eyes is hard enough but keeping it on your network; now that’s a challenge. With technology continuing to advance, we are forever moving to cloud this and cloud that. Because we can’t live in a world with only using one company, our data is scattered around the web like nobodies business.
-
Exnoscan
Exnoscan is a simple bash script that can help you identify gaps. We often monitor what we know, so Exnoscan aims to identify what you don’t…..
-
Building an NSG logger
My first attempt at a logger was for short term. It became apparent quite quickly that this wouldn’t be a long standing solution to avoid the log analytics costs………………….
-
The not so isolated risk of legacy systems
Unfortunately, in today’s world, it is not just Vladimir Putin running Windows XP. Many continue to run the risk of keeping legacy systems within their production environment. I imagine for most; this has run through some sort of internal process where the risk has been accepted. If you yourself work within IT, it would be […]
-
Brute Force Web Logins
If you have a login page which is reachable over the internet, at some point it’s going to get attacked. The reason why is because it can be extremely easy for attackers to do so….
XStag0 