This post by Jeff (@jeffmakes) was delayed due to interferences with other projects but nevertheless, enjoy!
This year, it was my great honour to design the hardware for the Troopers19 badge.
We wanted to make a wifi-connected MicroPython-powered badge; something that would be fun to take home and hack on. It was a nice opportunity to use a microcontroller platform that I hadn’t tried before. I also used the project as a chance to finally migrate my PCB workflow from Eagle to Kicad. Inevitably it was a painful transition, which resulted in quite some delay to the project as I floundered around in the new tool, but it does mean the design files are in an open format which I hope will benefit the community of Troopers attendees and future badge designers!
The next major release of DirectoryRanger is now available for customers, and for everyone who would like to try it ;-). Current attacks show that quite often the topic of Active Directory Security is not on the security agenda, but it should be, and this was the reason for us to build the tool and, of course, to maintain and improve it. So what are the major new features released with DirectoryRanger 1.5.0? Here we go:
Sadly, TROOPERS 19 is already over. I had great fun meeting all of you, helping you with your badge problems and seeing others hacking on their badges for example to get custom images on there.
With this year’s badge we wanted to give you something you can reuse after the conference, learn new things new build something on your own.
As promised in our talk Jeff and I would like to give you a short introduction into the badge internals. Along with this post we will release the source code for the badge firmware, the provisioning server and the schematics for the PCB.
Back from Holidays, you started the year well motivated to make the world a safer place.
However, sitting at your desk today you realize nothing really changed since last year, and you are surfing the web, feeling a bit blue, trying to avoid that pile of emails waiting for you and wondering how you could gain some visibility on your domain in order to better defend it.
No worries, emails can wait a bit longer. All you need is some fresh air and something cool to keep your defensive mind motivated for the year, and I might have just what you need; so put on your shoes and let me take you on a 15 minute Cypher walk with a cool blue dog…
With version 1.1.0 our tool DirectoryRanger introduces a new feature: informational audit checks. These checks do not have a severity rating because they are just “for your information” and the included information might or might not contain security issues, depending on other facts. But these checks can help to reduce your Active Directory attack surface by pointing you to some aspects which need your attention and at least require to be discussed and documented (and they might also imply governance measures like a risk acceptance).
This blogpost is about the release of a plugin for Binary Ninja that allows you to run a Python Kernel inside the Binary Ninja GUI environment to which you can attach a Jupyer (QT) console, formerly known as IPython shell. The first section is about why this is useful, the second is about some issues I encountered and how to solve them, and the third contains everything you need to know to set it up. Continue reading “IPython Support for Binary Ninja”
When I recently joined the Windows Security team at ERNW, Enno asked me if I wanted to write a ‘welcome’ blogpost on a topic of my choosing… Up for the challenge, and since I had been playing with BloodHound & Cypher for the last couple of months, I first thought I would do something on that topic.
However, after gathering my thoughts and some Cypher I had collected here and there, I realized that the topic of Bloodhound Cypher might actually require several blog posts… And so I changed my mind. I will keep the joys of Cypher for later, and in this post, I will talk about a tiny tool I wrote to query the Mitre ATT&CK™ knowledge base from the comfort of a PowerShell prompt. Continue reading “PoSh_ATTCK – ATT&CK Knowledge at your PowerShell Fingertips…”