Security News!

2020/06/09: New critical vulnerability affecting the Server Message Block (SMB) protocol that could allow attackers to leak kernel memory remotely; when combined with a previously disclosed “wormable” bug, the flaw can be exploited to achieve remote code execution:
https://thehackernews.com/2020/06/SMBleed-smb-vulnerability.html
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2020-ALE-008/
2020/03/12: Windows hosts vulnerable to pre-auth remote code execution in SMB

Security : Systems forensics and free tools

Based on my 25 years of experience as a sysadmin, I recommend the free tools below for forensic analysis and systems assessment:
Repair tools: http://trinityhome.org/Home
Windows privilege escalation: https://www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/
Blog hacker playbook mindmap (poster): https://www.marcolancini.it/2018/blog-hacker-playbook-mindmap/
SANS DFIR hunting evil Windows map (poster): Windows systems: https://digital-forensics.sans.org/media/DFPS_FOR508_v4.3_12-18.pdf
Linux privilege escalation: https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
Blogs and web sites: 51 Tools for Security Analysts

How to with Regular expressions

Hi, if you are using regular expressions, I recommend the following tools and sites:
Regex tools to learn, build and test regular expressions:
https://regexper.com/
https://regex101.com/
https://regexr.com
http://regex.lumadis.be/test_regex.php?lang=fr
Tutorials about regexp:
http://en.wikipedia.org/wiki/Regular_expression
http://www.regular-expressions.info/quickstart.html
http://www.expreg.com/
Examples:
.at matches any three-character string ending with “at”, including “hat”, “cat”, and “bat”.
[hc]at matches “hat” and “cat”.
[^b]at matches

Security – knowledge center, web sites, tips and tricks

A collection of security articles, web sites, KB entries, tips and tricks, especially for System and Network Administrators, DevOps, Pentesters and Security Researchers:
https://github.com/trimstray/the-book-of-secret-knowledge
Hacking web sites:
https://thehackernews.com/
https://www.bleepingcomputer.com/
https://www.zataz.com/
Password databases:
https://haveibeenpwned.com/
https://www.dehashed.com/
https://ghostproject.fr/
https://leaksify.com/
The Cyber Swiss Army Knife – a web app for encryption, encoding, compression and data analysis:

Microsoft Message Analyzer resources

Basic network capture methods: https://blogs.technet.microsoft.com/askpfeplat/2016/12/27/basic-network-capture-methods/
Network Monitor 3.4 (Netmon) – https://www.microsoft.com/en-us/download/details.aspx?id=4865 (NOTE: Network Monitor is no longer under active development)
Wireshark (v 2.2.2 as of 11/16/16) – https://wireshark.org/#download
Netsh Trace – built-in to operating system
Microsoft Message Analyzer (MMA) (v 1.4 as of 6/13/16) – https://www.microsoft.com/en-us/download/details.aspx?id=44226
Message analyzer operating guide: http://technet.microsoft.com/en-us/library/jj649776.aspx
How to message analyzer

How to create a bootable USB key on Apple MAC

General methodology:
Insert a USB flash drive into your computer. Your USB flash drive should plug into one of the rectangular or oval USB or USB-C ports on your computer’s housing. Traditional flash drives only fit one way, so don’t force the drive if it doesn’t fit. If your Mac uses USB-C ports, your USB-C