An Opinionated Ramp Up Guide to AWS Pentesting https://awssecuritydigest.com/articles/opinionated-ramp-up-guide-to-aws-pentesting https://medium.com/@MorattiSec/my-aws-pentest-methodology-14c333b7fb58 Understanding the Shared Responsibility Model https://www.wiz.io/academy/shared-responsibility-model fwd:cloudsec https://fwdcloudsec.org/ AWS Customer Support Policy for Penetration Testing https://aws.amazon.com/security/penetration-testing/ Also, read this and follow the AWS pentesting rules. Cloud Tests One is a review of the external facing posture, which you can consider adjacent to a traditional External Read More …
Tag: notes
AuKill EDR Post
Summary AuKill is a malicious software, often used by ransomware groups, designed to disable endpoint detection and response (EDR) security solutions on a system, essentially allowing attackers to bypass security measures before deploying ransomware by terminating EDR processes using a vulnerable, outdated driver like the Process Explorer driver from Sysinternals; effectively “killing” the EDR functionality. Key points about Read More …
Hook Chain EDR Kill
Summary Every binary loaded into WIndows, has a list of needed functions and processes in order for it to function properly. THink of a browser, it will use a Windows DLL to resolved the hostname to the IPv4 address and so forth. This Table can be hijacked, so instead of pointing to the appropriate function Read More …
Notes on “Paved Road”
Lessons from Securing Internal Applications WebappSec Link Building a Security Platform Engineering Team “”” I’m a big fan of building security into existing processes, a term coined as “secure paved roads” by Jason Chan, Ex-Netflix CISO. The idea behind this is that security should mostly be invisible. The average employee should simply not have to Read More …
Studio Notes – Limiters
With acoustic guitars you will hear some strums that are really loud and some strums that aren’t quite as loud. It could be very well played but you will still have some variation between strums. Sometimes the dynamic is quite loud and a compressor sometimes just can’t get a hold of that because the difference Read More …
What is DTLS and where do I use it?
It’s best suited for small- to medium-sized businesses with deployments that range from tens to a few hundred computers. A provisioning package (. ppkg) is a container for a collection of configuration settings. Use the Windows Configuration Designer tool to create provisioning packages to easily configure devices running Windows client. Windows Configuration Designer is primarily Read More …
Studio Notes – Realistic programmed hi-hats
Programmed hi-hats have way of feeling programmed. Duh. Here are some ways to put some realism into that hi hat part. First copy the track so you have a second programmed hat and you can always revert your changes back. Another option would be to save right before starting, with a slightly different name.
Studio Notes – ADR – Automatic Double Track
Abbey Road Studios designed automatic double tracking and here’s a way to simulate that effect First insert a delay across the vocal that doesn’t matter what the delay is in terms of short medium or long we’re going to set it to somewhere around 75 milliseconds it start it doesn’t really matter and if it Read More …
Home Chore List
For those of us that are lucky enough to own a home, many will understand this list of chores. These are the one’s that I have. Consider this a list of notes that I hope to keep for some time. Faucet Cover Replace a Toilet This is actually quite easier than I thought it was Read More …
Want to Learn Linux
Here are some sources to get you started! Thanks to @simonholdorf for the links! Linux Operating System – Crash Course for Beginners The Complete Linux Course Linux Command Line Full course Linux File System/Structure Explained! Linux for Ethical Hackers (Kali Linux Tutorial)