---
layout: default
---
<p><a href="https://dev.to/ongomobile/how-to-built-a-chrome-extension-k1a">https://dev.to/ongomobile/how-to-built-a-chrome-extension-k1a</a></p>
<p>If you use the Microsoft Authenticator app to protect your Microsoft account, you can view your sign-in activity right in the app! 1. Go to <a href="http://account.live.com">http://account.live.com</a>, security and view my activity. 2. Freak out when you see how many times people try to log in to your account from all over the world. 3. Take the opportunity to ensure your 2FA is up to date, don't use phone/SMS (use an app), change your pwd, etc.</p>
<p>ruffle is a Flash Player emulator built in the Rust programming language. <a href="https://ruffle.rs/">https://ruffle.rs/</a></p>
<p><a href="https://threatpost.com/threatlist-top-5-most-dangerous-attachment-types/144635/">https://threatpost.com/threatlist-top-5-most-dangerous-attachment-types/144635/</a></p>
<p><a href="https://old.ironmansoftware.com/50-of-the-top-powershell-modules-to-check-out/">https://old.ironmansoftware.com/50-of-the-top-powershell-modules-to-check-out/</a></p>
<p>If you ever need your external IP in a #PowerShell script: (Invoke-WebRequest -Uri "<a href="http://ifconfig.me/ip">http://ifconfig.me/ip</a>").Content</p>
<p>LogFusion is free, but some of the customization of filters, folder monitoring, and customization of advanced automatic column extraction from text files (!) is gated behind a lifetime license ($7 now). Worth checking out even if you don't buy it; the free version is great.</p>
<p>Set the #PowerShell Window title (for fancy screenshots!): $host.UI.RawUI.WindowTitle = "<a href="https://msfreaks.wordpress.com">https://msfreaks.wordpress.com</a> - @menschab"</p>
<p>Improving the look of papers written in Microsoft Word <a href="https://jeffhuang.com/better_word_papers/">https://jeffhuang.com/better_word_papers/</a></p>
<p>could help with Windows Update problems <a href="https://github.com/ManuelGil/Script-Reset-Windows-Update-Tool/blob/master/ResetWUEng.cmd">https://github.com/ManuelGil/Script-Reset-Windows-Update-Tool/blob/master/ResetWUEng.cmd</a> <a href="https://github.com/ManuelGil/Reset-Windows-Update-Tool">https://github.com/ManuelGil/Reset-Windows-Update-Tool</a></p>
<p>Ventoy for bootable USB Sticks <a href="https://github.com/ventoy/Ventoy">https://github.com/ventoy/Ventoy</a></p>
<p><a href="https://helgeklein.com/blog/2021/01/per-user-services-in-windows-info-and-configuration/">https://helgeklein.com/blog/2021/01/per-user-services-in-windows-info-and-configuration/</a></p>
<p><a href="https://github.com/sandboxie-plus/Sandboxie">https://github.com/sandboxie-plus/Sandboxie</a></p>
<p>OS-Deployment <a href="https://deploymentresearch.com/building-the-perfect-windows-server-2019-reference-image/">https://deploymentresearch.com/building-the-perfect-windows-server-2019-reference-image/</a> <a href="https://www.moderndeployment.com/quick-start-guide-windows-10-waas-servicing-updates-via-osdbuilder/#Run_Update-OSMedia_-Download_-Execute">https://www.moderndeployment.com/quick-start-guide-windows-10-waas-servicing-updates-via-osdbuilder/#Run_Update-OSMedia_-Download_-Execute</a> <a href="https://msendpointmgr.com/wim-witch/">https://msendpointmgr.com/wim-witch/</a> <a href="https://github.com/OSDeploy/OSBuilder.Public/tree/master/Content/Scripts">https://github.com/OSDeploy/OSBuilder.Public/tree/master/Content/Scripts</a> <a href="https://github.com/manelrodero/osdbuilder">https://github.com/manelrodero/osdbuilder</a></p>
<p>45 Life Hacks in 45 Minutes <a href="https://tech.wandersick.com/2019/07/gem-from-microsoft-ignite-2018-45-life.html">https://tech.wandersick.com/2019/07/gem-from-microsoft-ignite-2018-45-life.html</a></p>
<p>I learnt today that IP addresses can be shortened by dropping the zeroes. Examples: <a href="http://1.0.0.1">http://1.0.0.1</a> → <a href="http://1.1">http://1.1</a>, <a href="http://192.168.0.1">http://192.168.0.1</a> → <a href="http://192.168.1">http://192.168.1</a>. This bypasses WAF filters for SSRF, open-redirect, etc., where any IP as input gets blacklisted.</p>
<p><a href="https://www.brainpickings.org/2013/12/18/joseph-brodsky-speech-at-the-stadium-commencement/">https://www.brainpickings.org/2013/12/18/joseph-brodsky-speech-at-the-stadium-commencement/</a></p>
<p>Citrix Interoperability Validation <a href="https://support.citrix.com/article/CTX276640">https://support.citrix.com/article/CTX276640</a> New MS cumulative update published? Microsoft’s security update checks by Citrix testing and Citrix known issues with MS Windows and VMware vSphere are published here!</p>
<p>Flash games: <a href="https://blog.archive.org/2020/11/19/flash-animations-live-forever-at-the-internet-archive/">https://blog.archive.org/2020/11/19/flash-animations-live-forever-at-the-internet-archive/</a></p>
<p><a href="https://www.howtogeek.com/706932/how-to-enable-picture-in-picture-in-firefox/">https://www.howtogeek.com/706932/how-to-enable-picture-in-picture-in-firefox/</a></p>
<p>#IEFO Image File Execution Options to easily disable access to any exe. More background know-how about #IEFO: <a href="https://blog.malwarebytes.com/101/2015/12/an-introduction-to-image-file-execution-options/">https://blog.malwarebytes.com/101/2015/12/an-introduction-to-image-file-execution-options/</a> <a href="https://attack.mitre.org/techniques/T1546/012/">https://attack.mitre.org/techniques/T1546/012/</a> <a href="https://docs.microsoft.com/en-us/archive/blogs/mithuns/image-file-execution-options-ifeo">https://docs.microsoft.com/en-us/archive/blogs/mithuns/image-file-execution-options-ifeo</a> <a href="https://oddvar.moe/2018/04/10/persistence-using-globalflags-in-image-file-execution-options-hidden-from-autoruns-exe/">https://oddvar.moe/2018/04/10/persistence-using-globalflags-in-image-file-execution-options-hidden-from-autoruns-exe/</a> <a href="https://guyrleech.wordpress.com/2017/06/28/petya-easily-disabling-access-to-psexec/">https://guyrleech.wordpress.com/2017/06/28/petya-easily-disabling-access-to-psexec/</a> <a href="https://wikileaks.org/ciav7p1/cms/page_2621770.html">https://wikileaks.org/ciav7p1/cms/page_2621770.html</a></p>
<p>You can use the Silent Process Exit tab in GFlags to enter the name of a process that you want to monitor for silent exit. Gflags <a href="https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/gflags">https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/gflags</a> is part of the Win10 SDK debugging Tools <a href="https://developer.microsoft.com/en-us/windows/downloads/windows-10-sdk/">https://developer.microsoft.com/en-us/windows/downloads/windows-10-sdk/</a> Monitoring Silent Process Exit: <a href="https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/registry-entries-for-silent-process-exit">https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/registry-entries-for-silent-process-exit</a></p>
<p><a href="https://www.controlup.com/using-iperf-to-baseline-network-performance/">https://www.controlup.com/using-iperf-to-baseline-network-performance/</a></p>
<p><a href="https://github.com/nsacyber/Mitigating-Obsolete-TLS">https://github.com/nsacyber/Mitigating-Obsolete-TLS</a></p>
<p><a href="http://TextAnalysisTool.NET">http://TextAnalysisTool.NET</a> by @DavidAns can view, search and navigate large files quickly and efficiently. It can easily be manipulated to display exactly the information you need and has straightforward regex filtering and color coding of text files. <a href="https://textanalysistool.github.io">https://textanalysistool.github.io</a></p>
<p>hardenize.com Enter domain name, discover possible weakness</p>
<p><a href="https://github.com/crazy-max/WindowsSpyBlocker">https://github.com/crazy-max/WindowsSpyBlocker</a></p>
<p><a href="https://invidious.snopyta.org">https://invidious.snopyta.org</a> plays the YouTube video you want to see</p>
<p>No disabled downloads
Source is on GitHub
No ads
No Google account needed for subscriptions
Incredibly lightweight
JavaScript is not required
No use of YouTube API</p>
<p>Google is not out of the picture when watching videos via Invidious. As soon as a video is displayed, the (video) material is reloaded from <a href="http://googlevideo.com">http://googlevideo.com</a>. Google knows your IP - but no other data. You can specify in the settings that a proxy is used --> <a href="https://invidious.snopyta.org/preferences">https://invidious.snopyta.org/preferences</a></p>
<p>3 - Security Scanners - check your environment for security vulnerabilities</p>
<p>Mozilla Observatory <a href="https://observatory.mozilla.org">https://observatory.mozilla.org</a></p>
<p>SSL Labs <a href="https://ssllabs.com/ssltest/">https://ssllabs.com/ssltest/</a></p>
<p><a href="https://www.davidwilkinson.co.uk/2021/01/07/citrix-wem-privileged-elevation/">https://www.davidwilkinson.co.uk/2021/01/07/citrix-wem-privileged-elevation/</a></p>
<p><a href="https://www.thomasmaurer.ch/2021/01/install-apps-from-the-microsoft-store-using-winget/">https://www.thomasmaurer.ch/2021/01/install-apps-from-the-microsoft-store-using-winget/</a></p>
<p>LinkKlipper - Browser extension for Chromium based browsers to export all links from a website and export them to a file. You can:</p>
<p>Extract all links
Store as a CSV
Drag an area on the webpage from which all the links will be extracted <a href="https://chrome.google.com/webstore/detail/link-klipper-extract-all/fahollcgofmpnehocdgofnhkkchiekoo?hl=en">https://chrome.google.com/webstore/detail/link-klipper-extract-all/fahollcgofmpnehocdgofnhkkchiekoo?hl=en</a></p>
<p><a href="https://driveandlisten.herokuapp.com/">https://driveandlisten.herokuapp.com/</a></p>
<p><a href="https://github.com/builtbybel/CleanmgrPlus/releases">https://github.com/builtbybel/CleanmgrPlus/releases</a></p>
<p><a href="https://www.alitajran.com/exchange-server-health-check-powershell-script/">https://www.alitajran.com/exchange-server-health-check-powershell-script/</a></p>
<p><a href="https://www.controlup.com/logon-duration-research-appx-packages/">https://www.controlup.com/logon-duration-research-appx-packages/</a></p>
<p>Perform OCR (Optical Character Recognition) with OneNote: Perform a capture in OneNote. Right-click pictures and select copy text.</p>
<p>Windows Event ID 4624 displays a numerical value for the type of login that was attempted. These numbers are important from a forensic standpoint but also for understanding credential exposure and mitigating risks. Descriptions in replies.</p>
<p><a href="https://github.com/guyrleech/Microsoft/blob/master/event%20aggregator.ps1">https://github.com/guyrleech/Microsoft/blob/master/event%20aggregator.ps1</a></p>
<p><a href="https://www.thomaspreischl.de/citrix-published-content/">https://www.thomaspreischl.de/citrix-published-content/</a></p>
<p><a href="https://github.com/TobiasPSP/GetEncoding">https://github.com/TobiasPSP/GetEncoding</a></p>
<p>If you use iOS, check out this totally free app...an efficient ad blocker -- BlockBear | Welcome <a href="https://blockbear.com">https://blockbear.com</a></p>
<p>Blocking Unwanted Connections with a Hosts File <a href="https://winhelp2002.mvps.org/hosts.htm">https://winhelp2002.mvps.org/hosts.htm</a> Extending and consolidating hosts files from several well-curated sources... Copy to /etc/hosts and you're golden (will overwrite existing entries) <a href="https://github.com/StevenBlack/hosts">https://github.com/StevenBlack/hosts</a> @SteveBlack turning many sources of hosts files into a simple one someonewhocares.org/hosts/zero/</p>
<p><a href="https://adamtheautomator.com/powershell-export-gpo/">https://adamtheautomator.com/powershell-export-gpo/</a></p>
<p><a href="https://4sysops.com/archives/set-up-delegation-for-group-policy-management/">https://4sysops.com/archives/set-up-delegation-for-group-policy-management/</a></p>
<p>Audit Windows Security with best Practice. Some #Powershell scripts for auditing security with CIS Best Practices for Windows 10 and Windows Server 2016. You just need to run the script, it will create a directory named: AUDIT_CONF_%DATE% <a href="https://github.com/Sneakysecdoggo/Wynis">https://github.com/Sneakysecdoggo/Wynis</a></p>
<p><a href="https://www.cisecurity.org/blog/end-of-support-software-report-list-2/">https://www.cisecurity.org/blog/end-of-support-software-report-list-2/</a></p>
<p>Looking at the recommendations by @CISecurity for hardening your systems is a great idea. Here are huge CIS benchmarks (PDF) for your OS, server + desktop software (browsers/office/zoom), cloud providers, mobile, network + multi function print devices: <a href="http://downloads.cisecurity.org/#/">http://downloads.cisecurity.org/#/</a></p>
<p><a href="https://wiki.sans.blue/Tools/pdfs/PowerShell.pdf">https://wiki.sans.blue/Tools/pdfs/PowerShell.pdf</a></p>
<p>HardeningKitty - Auditing and Hardening Windows Configurations <a href="https://scip.ch/en/?labs.20201015">https://scip.ch/en/?labs.20201015</a> HardeningKitty: Invoke-HardeningKitty - Checks and hardens your Windows configuration <a href="https://github.com/scipag/HardeningKitty">https://github.com/scipag/HardeningKitty</a></p>
<p><a href="https://www.d7xtech.com/free-software/bootsafe/">https://www.d7xtech.com/free-software/bootsafe/</a></p>
<p>Updated - ForceEnd is a free application to force an application to close and restart - <a href="https://majorgeeks.com/files/details/forceend.html">https://majorgeeks.com/files/details/forceend.html</a></p>
<p>You want to review your app access and delete stuff you don't need? Go to: <a href="http://myaccount.google.com/permissions">http://myaccount.google.com/permissions</a> and config/delete. And you want to get rid of the annoying google sign-in pop-ups? Disable "Google Account sign-in prompts"!</p>
<p>How to secure your Twitter account Check out <a href="https://twitter.com/settings/sessions">https://twitter.com/settings/sessions</a> to list every login to your account List your connected apps: <a href="https://twitter.com/settings/connected_apps">https://twitter.com/settings/connected_apps</a> More details: <a href="https://nakedsecurity.sophos.com/2018/12/29/how-to-secure-your-twitter-account/amp/">https://nakedsecurity.sophos.com/2018/12/29/how-to-secure-your-twitter-account/amp/</a></p>
<p>Oh, I have awesome news! O'Reilly has greenlit an experiment to let EVERYBODY participate in the tech review of the 4th edition of the PowerShell Cookbook! Check it out here, I look forward to your comments! <a href="https://powershellcookbook.com/4th_ed_techreview/">https://powershellcookbook.com/4th_ed_techreview/</a></p>
<p><a href="https://adamtheautomator.com/powershell-parse-xml/">https://adamtheautomator.com/powershell-parse-xml/</a></p>
<p>Secure Messaging Apps Comparison (last updated on 11/Jan/2021) <a href="https://securemessagingapps.com">https://securemessagingapps.com</a></p>
<p>In the next release of @MasterPackager we will show MSIX compatibility issues so that you do not have to spend time on packages that are not supported due to current MSIX limitations. #MSIX</p>
<p><a href="https://docs.recastsoftware.com/ConfigMgr-Docs/Community-Tools/Community-Tools-WIMWitch.html">https://docs.recastsoftware.com/ConfigMgr-Docs/Community-Tools/Community-Tools-WIMWitch.html</a> <a href="https://docs.recastsoftware.com/ConfigMgr-Docs/Community-Tools/Community-Tools-OSD-Builder.html">https://docs.recastsoftware.com/ConfigMgr-Docs/Community-Tools/Community-Tools-OSD-Builder.html</a></p>
<p>Efficiency report of laptop</p>
<p>Battery report: powercfg -batteryreport -output %USERPROFILE%\Desktop\report.html</p>
<p>Energy report: powercfg /energy /duration 5 <a href="https://randomtecharticles.com/powercfg-energy/">https://randomtecharticles.com/powercfg-energy/</a></p>
<p>How much energy each process consumes: powercfg /srumutil</p>
<p>Overview: <a href="https://zillanews.tech/powercfg-how-to-check-battery-health-report-and-energy-report-in-windows-using-cmd/">https://zillanews.tech/powercfg-how-to-check-battery-health-report-and-energy-report-in-windows-using-cmd/</a></p>
<p><a href="https://techcommunity.microsoft.com/t5/ask-the-performance-team/how-to-configure-file-associations-for-it-pros/ba-p/1313151">https://techcommunity.microsoft.com/t5/ask-the-performance-team/how-to-configure-file-associations-for-it-pros/ba-p/1313151</a></p>
<p><a href="https://patchtuesdaydashboard.com/">https://patchtuesdaydashboard.com/</a></p>
<p>Some nice resources I use when helping clients build & maintain defense-in-depth #cybersecurity programs: <a href="https://nvd.nist.gov/ncp/repository">https://nvd.nist.gov/ncp/repository</a> <a href="https://cisecurity.org/cybersecurity-best-practices/">https://cisecurity.org/cybersecurity-best-practices/</a> <a href="https://csiac.org/wp-content/uploads/2020/04/ia-policychart-1-Apr-20-DoDIN.pdf">https://csiac.org/wp-content/uploads/2020/04/ia-policychart-1-Apr-20-DoDIN.pdf</a> <a href="https://sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/">https://sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/</a> <a href="https://zeltser.com/cheat-sheets/">https://zeltser.com/cheat-sheets/</a> <a href="https://owasp.org">https://owasp.org</a> <a href="https://attack.mitre.org">https://attack.mitre.org</a></p>
<p>I recommend a more modern way by using @OpenSCAP for scanning from one to many systems/applications on a regular basis and generating detailed reports. <a href="https://open-scap.org/security-policies">https://open-scap.org/security-policies</a></p>
<p>Additional Compatible Security Benchmarks: <a href="https://nvd.nist.gov/ncp/repository">https://nvd.nist.gov/ncp/repository</a> <a href="https://cisecurity.org/cis-benchmarks">https://cisecurity.org/cis-benchmarks</a></p>
<p>#VMware OS Optimization Tool version b2001 January 13, 2021 <a href="https://flings.vmware.com/vmware-os-optimization-tool#changelog">https://flings.vmware.com/vmware-os-optimization-tool#changelog</a></p>
<p>New blog post: Notify users when their device is running low on disk space using Toast Notifications and Configuration Manager <a href="https://imab.dk/notify-users-when-their-device-is-running-low-on-disk-space-using-toast-notifications-and-configuration-manager/">https://imab.dk/notify-users-when-their-device-is-running-low-on-disk-space-using-toast-notifications-and-configuration-manager/</a></p>
<p><a href="https://github.com/TobiasPSP/ReallySimpleDatabase">https://github.com/TobiasPSP/ReallySimpleDatabase</a></p>
<p>A rough-and-tumble PoC driver inspired by @zodiacon. It raises each thread's priority on a given process and also monitors newly created threads on an interval basis and assigns them the desired priority. <a href="https://github.com/uf0o/ProcessAmp">https://github.com/uf0o/ProcessAmp</a></p>
<p>Why Notepad is still awesome for taking notes: <a href="https://howtogeek.com/672710/why-notepad-is-still-awesome-for-taking-notes/">https://howtogeek.com/672710/why-notepad-is-still-awesome-for-taking-notes/</a></p>
<p>Did you know? In Windows notepad, you can hit F5 to automatically insert a timestamp.</p>
<p><a href="https://www.meziantou.net/how-to-create-a-good-bug-report-using-problem-steps-recorder.htm">https://www.meziantou.net/how-to-create-a-good-bug-report-using-problem-steps-recorder.htm</a></p>
<p>Create QR Codes on DuckDuckGo</p>
<p><a href="http://DuckDuckGo.com">http://DuckDuckGo.com</a>
Enter “qr” followed by your text, for example: qr My favorite website --> <a href="http://github.com">http://github.com</a>
Enter
QR code will be created + you can save QR code as image and/or use the URL from the address bar. I also like this service (up to 4000 characters): <a href="https://www.the-qrcode-generator.com/">https://www.the-qrcode-generator.com/</a></p>