HCS ▋ @superruserr@infosec.exchange

Added a couple of short entries today

https://hannahsuarez.github.io/2019/eurobsdcon-lillehammer/

Collection of various answers I've given online

https://hannahsuarez.github.io/2019/Top-Answers/

Day 5 of being sick. Though I spent most of the day writing this small #SIEM ebook.

Should be published sometime in Jan 2020.

Great walkthrough.

One of the biggest things that I have notice about this game is the cinematics - angles, panning, etc. Like this one.

https://www.youtube.com/watch?v=flCeshpEwO4

Doing a SIEM (Splunk, InsightIDR) walk through.
Free Windows Server EC2 instance, thinking of using Splunk's Boss of the SOC dataset (about 3GB). See https://github.com/splunk/botsv2
But it's 3GB and on a free tier account...with the InsightIDR Collector and Splunk both running locally.

If you have read The Phoenix Project, there is a new book out called The Unicorn Project https://enterprisersproject.com/article/2019/11/3-lessons-it-leaders-unicorn-project

Normally one does like a simple list or form when learning a programming language but I am learning Python and building up a scanner using the nmap library. Picked up a book/course earlier this week to refresh about a couple of years since I last worked with this language (mainly on pylint/sphinx).

> Defecting Chinese spy offers information trove to Australian government

A Chinese spy has risked his life to defect to Australia and is now offering a trove of unprecedented inside intelligence on how China conducts its interference operations abroad.

https://www.theage.com.au/national/defecting-chinese-spy-offers-information-trove-to-australian-government-20191122-p53d1l.html

#auspol

Welcome @originalesushi !

Bio: https://e-sushi.net/

Tools
https://e-sushi.net/ip/
https://e-sushi.net/entropy/

#infosec #dev #programming

Listening to @tinker videos on SE/physical pentesting stuff. Not my usual but interesting stories.

https://www.youtube.com/watch?v=e99iQC-dod8&feature=youtu.be

(from 2019 layer8 con) https://www.youtube.com/watch?v=aPUKznP9FkA&t=2298s (which mentions a lot of https://www.youtube.com/watch?v=uv4s_ltHzFw&t=3s)

Or 16 fediverse accounts. 18 (or 20?) if you include ones that have been nuked (instance deleted) like gnu social.

Unfortunately, I am not on Twitter so my tweet about setting up an account on hackers.town or infosec.exchange to new folks is not there.

Don't forget the smaller instances ;)

@fs0c131y https://infosec.exchange/@superruserr/103165866344683385

Please welcome @fs0c131y :) "French security researcher. Worst nightmare of Oneplus, Wiko, UIDAI, Kimbho, BJP IT Cell and others. Not completely schizophrenic. Not related to USANetwork." (from their bio) #infosec

https://twitter.com/fs0c131y/status/1196800422960357376

chuckling squad: https://twitter.com/hashtag/chucklingsquad?src=hash

🍿

Today's agenda:
- Snare agent
- RSA Netwitness
- Splunk UF and why it's not that Good in comparison

For WMI attack investigation, look into collecting Windows Event Log from the WMI-Activity Operational channel as well as from the Microsoft-Windows-WMI-Activity ETW Provider. SANS DFIR on WMI attacks https://digital-forensics.sans.org/blog/2019/02/09/investigating-wmi-attacks #windows #dfir

Time for #Gorgoroth https://www.youtube.com/watch?v=sLW4n4AIHk8

Someone trying to add me on LinkedIn;

MSc Information Security | CISSP | CISA | CISM | CRISC | OSWP | SCP | ISO 27001 Lead Implementor

lol.

Two infosec conferences I want to go to in Feb/March respectively and no tickets 😭

Zero-day and N-day security vulnerability notes, analysis, and proof-of-concepts https://github.com/badd1e/Disclosures #infosec

Book I want to read - Venice Secret Service

https://www.ancient.eu/books/0198791313/

Housed in the imposing Doge's Palace and under the direction of the Council of Ten, the notorious governmental committee that acted as Venice's spy chiefs, this 'proto-modern' organisation served prominent intelligence functions including operations, analysis, cryptography and steganography, cryptanalysis, and even the development of lethal substances.