Create an Azure hosted Malware Analysis lab using Flare VM.
dan So, today we’re going to create a Malware lab utilising Mandiant’s Flare VM. We’re going to deploy this within Azure allowing us to share this resource with others in the…
Microsoft “Defender Nuke Service” (Via Safe Mode)
am If you have a need to disable defender but are unable to access the the machine while it’s in safe mode/need the ability to perform an unattended nuke (e.g remote…
Microsoft “Defender Nuke” (Via Safe Mode)
A nice little VBS script I wrote for a one stop shop for defender nuking. Script features: You need to be a local admin on the box. Defender will be…
PetitPotam + AD-CS + Rubeus Guide [Repost]
Summary Hosts Setting Up The Lab Set up bindings in IIS for HTTPS for the Default Web Site Navigate to https://192.168.1.30/certsrv, make sure you can navigate to the portal and…
Windows 11 24H2 Flare-VM Malware Analysis VM Setup Guide
Below walks through the creation of a malware analysis VM using the latest version of Windows 11 (24H2) and Mandiant’s Flare-VM. This is a much easier process to do on…
CISSP [Repost][2019/2020]
Hey all, thought I would share my notes for the CISSP certification if anyone was thinking of taking it. Certainly one of the big boy exams within the industry and…
Ransomware DLL Hijacking & “The Canary DLL”
You might have seen in some of the security news sites, articles reporting about a security researcher discovering a method to stop certain ransomware samples from running, including Thanos, Conti,…
Installing GrayLog on Azure [Repost]
Introduction GrayLog is a powerful open source SIEM solution. With hosting within Azure there was additional parameters that needed to be changed to get it to work. If you are…
DNSCat2 Using Azure & GoDaddy
C2 Covert Channels Today we’re exploring the world of obscure C2 channels, specifically DNS covert channels. Attackers know that DNS is widely used and trusted. Furthermore, because DNS is not…
$MFT Bug [Repost]
An error in Microsoft Windows prior to Windows 10 when processing access to the root $ MFT file in the root directory may cause the system to crash. This can…