tail -f security.log

tutorial

How To Build a SANS GIAC Index

One of the keys to passing SANS GIAC exams is to build a comprehensive index to quickly find information during the exam.  Building an index will also help you study as it forces you to thoroughly review the material.  The steps below detail how to […]

How to determine your Ring Doorbell Pro firmware version

I have a love/hate relationship with my Ring Doorbell.  When I purchased it in 2016 it worked great for a year with minimal issues.  As it became more popular, I noticed the quality dropped with video freezes, black videos, and missed motion events.  This led […]

Palo Alto Firewall: macOS Updates NSURLErrorDomain error -1012

About a month ago, I enabled decryption on my Palo Alto firewall and limited it only to traffic to and from my MacBook Pro.  It’s worked well and provided great visibility into the vast amounts of encrypted traffic that we see nowadays. So what’s this […]

Seeing Red: The Fun Stuff

The Fun Stuff: Privilege Escalation, Exfiltration, and Persistence. This is part of a series of posts that walk through an attack.  To start from the beginning, click here. In the last post, we successfully exploited our Victim using a client-side attack targeting an old version of Microsoft […]

Seeing Red: Exploitation

Exploitation: Client-side Attack. This is part of a series of posts that walk through an attack.  To start from the beginning, click here. In the last post, we performed some basic reconnaissance on our target machine and determined its operating system, running services, and even what browser […]

Seeing Red: Reconnaissance

Reconnaissance: Know Your Target. This is part of a series of posts that walk through an attack.  To start from the beginning, click here. In the last post, we got a brief overview of Kali Linux and some of its capabilities.  In this part, we’ll start […]

Seeing Red: Tools of the Trade

Seeing Red. This is part of a series of posts that walk through an attack. In an ideal world, information security teams are comprised of both a dedicated Red Team (attackers or offensive side) and a Blue Team (incident responders or defensive side).  I’ve never […]