-
Data Security
Nov 01, 2016
Overheard: “IT security has nothing to learn from the Mirai attack”
After my post last week on the great Mirai Internet takedown of 2016, I received some email in response. One of the themes in the feedback was, roughly, that ‘Mirai really doesn’t have anything to do with those of us in enterprise IT security’.
Michael Buckbee
3 min read
-
Data Security
Oct 27, 2016
The Mirai Botnet Attack and Revenge of the Internet of Things
Once upon a time in early 2016, we were talking with pen tester Ken Munro about the security of IoT gadgetry — everything from wireless doorbells to coffee makers and other household appliances. I remember his answer when I asked about basic security in these devices. His reply: “You’re making a big step there, which is assuming that the manufacturer gave any thought to an attack from a hacker at all.”
Michael Buckbee
5 min read
-
Data Security
Oct 25, 2016
NTFS Permissions vs Share: Everything You Need to Know
One of the most critical security concepts is permissions management: ensuring that proper permissions are set for users, which usually means knowing the difference between share and NTFS permissions.
Michael Buckbee
3 min read
-
Data Security
Oct 24, 2016
SQL Server Best Practices, Part II: Virtualized Environments
This article is part of the series "SQL Server Best Practices". Check out the rest: Part I: Configuration; Part II: Virtualized Environments.
Kieran Laffan
8 min read
-
Data Security
Oct 20, 2016
What is Privileged Access Management (PAM)?
When a breach happens, the first question people ask is, “What did the company do wrong?”
Michael Buckbee
5 min read
-
Privacy & Compliance
Oct 11, 2016
The Federal Trade Commission Likes the NIST Cybersecurity Framework (and You Should Too)
Remember the Cybersecurity Framework that was put together by the folks over at the National Institute of Standards and Technology (NIST)? Sure you do! It came about because the US government wanted to give the private sector, specifically the critical infrastructure players in transportation and energy, a proven set of data security guidelines.
Michael Buckbee
2 min read
-
Data Security
Oct 06, 2016
When a Cyber Attack Is a Political Weapon
We’re not surprised when hackers attack companies to scoop up credit card numbers or to cause IT disruption. If they’re state sponsored, they may target organizations to pull out intellectual property – military secrets or other sensitive information — as part of a cyber-espionage program.
Michael Buckbee
3 min read
-
Data Security
Sep 29, 2016
How to setup your DNS Server like North Korea
I can only imagine it’s a high stress job doing IT support for Kim Jong Un as he’s the kind of manager who probably watches you over your shoulder, touches your screen a lot and drops dark hints about “disappearing” your family for three generations if the patches don’t get deployed properly.
Michael Buckbee
2 min read
-
Data Security
Sep 16, 2016
The Difference Between SSL and TLS
Image credit: zviray
Michael Buckbee
2 min read
-
PowerShell
Sep 13, 2016
The Difference Between Bash and Powershell
You don’t normally talk philosophy and IT when considering Bash and Powershell, but if there’s one thing I’ve learned over the past 20 years of sysadmin work, it’s that whether you’re an Empiricist, Nihilist or Young Hegeliansist, if you’re serious about doing your job you don’t spend your day clicking on buttons; you run your network from a command line.
Michael Buckbee
2 min read
-
PowerShell
Sep 06, 2016
The Complete PowerShell Tool Roundup
A hand-curated list of 70 tools to power up your workflow.
Editors:
Ultimate PowerShell Prompt Customization and Git Setup Guide: Let’s spend a little time installing ConEmu and Git, then customizing our prompt for maximum utility.
Oh-My-Posh: Powershell amazingness inspired on Oh-My-Zsh, pshazz, fish
platyPS: Write PowerShell External Help in Markdown
posh-hg: posh-hg – Mercurial integration for PowerShell
PowerShellEditorServices: PowerShellEditorServices – A common platform for PowerShell development support in any editor or application!
Scriptomatic: A utility to make it a snap to create WMI scripts using Windows PowerShell
Sublime Text 3 Powershell Alias: Use Sublime Text to create and run your PowerShell scripts
PowerShell Plus: Powershell IDE and debugger
Admin Script Editor: Provides an integrated set of tools that allows one to more quickly and more easily create and edit scripts in PowerShell
PrimalScript: Scripting and Debugging tool for PowerShell
PowerShell Studio | The Most Powerful Windows PowerShell GUI Designer and Script Debugger Available: PowerShell Studio is the easiest GUI designer and script generator as well as the most powerful PowerShell ISE available. Generates the Windows Forms code and allows remote debugging.
PowerGUI Script Editor: Quickly and efficiently build scripts through a visual interface using PowerGUI freeware.
PowerShell Tools for Visual Studio: A set of tools for developing and debugging PowerShell scripts and modules in Visual Studio.
Training:
Practical Powershell: Build a tool for helpdesk personnel in Powershell
Master-PowerShell | With Dr. Tobias Weltner – PowerShell.com – PowerShell Scripts, Tips, Forums, and Resources: Access free scripts, daily tips, and videos to help you master Windows Powershell. Get expert advice from Dr. Tobias Weltner, PowerShell MVP. Free Membership!
Execution:
Pash: Pash – An Open Source reimplementation of Windows PowerShell, for Mono.
Remote Execution Enabler-PowerShell: Streamline your PowerShell tasks across all your servers
PowerShell Prompt Here: Add a right click option to open a PowerShell prompt directly into a Windows Explorer directory.
Install and Use Windows PowerShell Web Access: a web-based Windows PowerShell console that is targeted at a remote computer.
Modules:
pshosts: Powershell Cmdlet Module for modifying the hosts file on Windows
voyeur: Generate a fast (and pretty) Active Directory report.
WintellectPowerShell: PowerShell scripts for better debugging and life
Flancy: A micro web framework for Windows PowerShell
Graphite-PowerShell-Functions: A group of PowerShell functions that allow you to send Windows Performance counters to a Graphite Server, all configurable from a simple XML file.
Posh-SSH: Module for automating tasks on remote systems using SSH
powercat: netshell port of powercat/cat for PowerShell
Jump-Location: Jump-Location – Powershell `cd` that reads your mind
psget: Set of commands to install PowerShell modules from local file or from the web. Inspired by NuGet
PSReadLine: A bash inspired readline implementation for PowerShell
lazywinadmin: PowerShell functions and scripts for Active Directory and Sysadmin work.
SQLitePSProvider: Write and Read from SQLite databases
HttpRest: Submit forms, scrape pages and act like a web browser.
ACMESharp: Manipulate the ACMESharp .NET Library to issue and renew LetsEncrypt certificates automatically.
Invoke-MsBuild: Control MSBuild from PowerShell
Community Extensions: Provides a widely useful set of additional cmdlets, providers, aliases, filters, functions and scripts
Pester: Provides a framework for running BDD style Tests to execute and validate commands inside of PowerShell
Azure Powershell: A set of PowerShell cmdlets for developers and administrators to develop, deploy and manage Windows Azure applications.
poshgit: A set of PowerShell scripts which provide Git/PowerShell integration
VisioBot3000: Simple Visio Automation from Powershell
SQLPSX: SQLPSX – SQL PowerShell Extensions
PowerSharePoint: Manage SharePoint from Powershell
PowerNet: Check for an hostname or ipaddress and port is responding.
PowerScheduledTasks: Set recurring scripts.
PowerZip: Zip files as part of a script.
Security:
Powershell-Suite: Utility Collection of hashing tools, shellcode injection and account impersonation.
Harness: Interactive remote PowerShell Payload
PESecurity: PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.
Powershellery: Contains Powershell scripts used for general hackery.
PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
Interceptor: Interceptor – PowerShell HTTP(s) Intercepting Proxy
PoshSec: PoshSec PowerShell Module
PoshRat: PowerShell Reverse HTTPs Shell
Babadook: Babadook – Connection-less Powershell Persistent and Resilient Backdoor
Posh-SecMod: Posh-SecMod – PowerShell Module with Security cmdlets for security work
p0wnedShell: PowerShell Runspace Post Exploitation Toolkit
PSRecon: PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team.
Inveigh: Inveigh is a Windows PowerShell LLMNR/NBNS spoofer/man-in-the-middle tool
PowerShellArsenal: Module Dedicated to Reverse Engineering managed and unmanaged code.
Generate-Macro: Generate a malicious Microsoft Office document with a specified payload and persistence method.
Kansa: A Powershell incident response framework
unicorn: A simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory.
PowerForensics: PowerForensics – PowerShell – Live disk forensics platform
mimikittenz: A post-exploitation powershell tool for extracting juicy info from memory.
PowerOPS: PowerShell Runspace Portable Post Exploitation tool
PSAttack: A portable console aimed at making pentesting with PowerShell a little easier.
Empire: Empire is a pure PowerShell post-exploitation agent
Nishang: PowerShell for penetration testing and offensive security.
PowerSploit: A collection of Microsoft PowerShell modules that can be used to aid penetration testers during all phases of an assessment.
Michael Buckbee
3 min read
-
Data Security
Sep 06, 2016
The Vulnerability of Things - IOSS 21
Leave a review for our podcast & we'll send you a pack of infosec cards.
Michael Buckbee
1 min read