Category: Uncategorized

The title of this article is the first 5 minutes, so this method is likely not to work for all, but for some it could be a quick way to gain a foothold. This information is gathered from capturing several flags on HTB and following walkthroughs and writeups of mostly Easy boxes. The enumeration steps… Continue reading Basic Enumeration on HTB – the first 5 minutes.

There is absolutely nothing original about this post and the credit goes to the experts that created these .yaml files for cloning VMs without Vcenter. I setup many VMs for testing on my old Dell laptop with 24GB of memory. They are all running from an SD card which is ironic. The Ansible host (find… Continue reading Quickly create multiple clones of ESXI vms without requiring VCenter.

Started running out of IPs on LAN subnet, so decided to look into separating the Voice and Data on our Avaya 9611 phones. This article assumes you have full access to switches and DHCP server. This requires modifying the switch ports, updating the DHCP server scope, and adding a sub interface to your router with… Continue reading Avaya 4548GT-PWR VLAN Configuration with 9611 phones.

A network of workstations, servers, and devices can do many things. They can run smoothly, become unresponsive at any moment, suffer attacks by hackers, or even be destroyed by adverse temperatures or humidity. This is why I created a device that can be used to monitor for any of those threats. This monitoring device runs… Continue reading Ultimate RPi monitoring device

This is a very quick and simple packet capture: Creating a filter (logging PING packets): pktmon filter add -t ICMP Starting the ETW logging format: pktmon start –etw Generating some traffic: ping 10.0.3.2 Stopping capture: pktmon stop Formatting capture: pktmon format .\PktMon.etl -o log_icmp.txt Viewing data: 14:27:17.599175400 PktGroupId 562949953422528, PktNumber 1, Appearance 1, Direction Tx… Continue reading Getting started packet capturing on Windows 10 with PKTMON

Classes are at the core of C++ programming language, but it takes time to compile and debug using C++. If you want to learn about the very basics of classes, I suggest you give Powershell a try. This sample will cover inheritance, classes, and instantiation. Creating a simple class: class Computers { [string]$brand; [int]$year; Computers()… Continue reading Learning constructors using classes in Powershell 5.0

A couple easy ways to harden Office 365 security: Here are a couple messy notes for client access rules. We are trying to limit access to e-mail accounts that are legacy, i.e., MFA printer devices or devices that send notifications, but do not support Modern Authentication. Most MFP printers, Canon, HP, Xerox printer built before… Continue reading Hardening Office 365 security

This post is nothing breaking security news, but that does not make it any less frightening for administrators that still use SSID with static passwords to login to their corporate networks. There are no fixes available to prevent displaying your SSID passwords in clear text, but there are methods that administrators can implement to prevent… Continue reading Windows wireless security vulnerabilities – Displaying all saved SSID passwords.

Recently after looking at “Risky Users” in our Office 365 tenant, I found many users that could use a password reset. I wanted to make sure these users would receive a temp password via cell phone. This function will take a filter param company and reset each user and text them a password given they… Continue reading Resetting passwords and sending temporary passwords via text.

POP3, IMAP, SMTP, and MAPI are all protocols that are used in password spraying attacks. Disabling basic authentication of these protocols and requiring modern authentication will reduce your risk of password spraying success. Be mindful disabling basic authentication should be done in piecemeal and tested thoroughly to avoid major disruptions. You will read that creating… Continue reading Office 365 Security Tips and Tricks: Finding accounts with vulnerable protocols.