December 10, 2018

Category: Security

PowerShell :: Parsing text output

I came across a really great way of parsing output from command line tools within PowerShell so had to write a quick blog about it here to share it. Normally I like to cite my sources but I’ve lost track of the original Stack Overflow post that led me to this point… Sorry! This technique […]

Common Firewall Issues

One thing I come across time and time again is poorly configured firewalls. The reason for this is largely down to the people who configure them. Companies often put all their eggs in one basket when it comes to IT services, which means people who perhaps aren’t best suited to managing security products end up […]

Docker :: Tips and tricks

This post will be ever evolving as I find more tips and tricks for working with Docker on Windows. Why not bookmark it and check back? Misc When spawning interactive Linux containers, use bash over sh as it provides a more feature-rich shell with tab completion, history and cursor actions. PowerShell commands You can tidy up your […]

Tenable Nessus, where has my API gone?

Nessus Professional (Pro) is undoubtedly one of the cyber security consultant’s favourite tools. It has also been a widely adopted tool for organisations on a budget looking to start out in the never-ending world of vulnerability management. Its humble beginning starting out as a fully open source tool, to the favourably priced commercial entity we see […]

Common SIEM Problems

As there’s been a lot of SIEM hype over the last few years, I thought I’d go over a few common problems I’ve come across whilst deploying new, and fixing existing, SIEM deployments. This won’t be a complete list, but just some of the most common. I may update this post from time to time. […]

Crypto Jacking – The New Threat

In this post I will discuss the new threat of Crypto Jacking – what it is, where it came from and why you should be on the lookout. What is Crypto Jacking? Crypto Jacking is where malicious code is installed on your infrastructure/computer with the aim of using your processing power to mine Crypto […]

DNS Sinkhole – What is it & Why do I need one?

In this post I will talk about DNS Sinkholing, what it is and how it can help you identify potentially infected machines. Useful in the fight against malware such as viruses, Ransomware and Crypto Jacking! What is DNS? Domain Name System – in very basic terms, the internet (and local networks) are all routed by […]

FortiGate :: HA Routed Failover w/ Session Failover

A recent requirement that came up was for there to be a redundant pair of firewalls, which allowed for session failover, configuration synchronisation and also maintained different external IPs and separate BGP peering. A niche request, but something that was supported with FortiGates. Below are some configuration examples to achieve this. Config and Session Sync […]

How to configure a Rotating, long term packet capture using Wireshark.

Introduction Wireshark is an awesome tool for troubleshooting network traffic. However, the Wireshark GUI is not designed for long-term packet captures and, left running, would simply fill the hard drive of the server/PC running the program. Within Wireshark there is a tiny built-in Windows command line tool called ‘dumpcap’ which at less than […]

Getting really low :: Backdooring an EXE

So recently I started my OSCE and part of it is backdooring an executable and doing some other things. There are loads of guides on the interwebz that basically just regurgitate the course content verbatim and claim it as their own. I won’t provide links but trust me, they are out there. These sites / blogs […]