On my twitter feed, I saw a tweet from Microsoft about Microsoft Flow, Microsoft's tool which says I should I did know about Microsoft Flow, but never had a need for it. But for some reason my mind connected Microsoft Flow with Troy Hunt's PwnedPasswords service. He's written loads about…
This is my first writeup of a capture-the-flag (CTF) challenge. I started one at BSidesLeeds 2018 but never managed to get to the flag. While I didn't get to the end, I did enjoy the journey it took me on. At work recently I have been deeply involved in a…
Having moved my blog to Ghost I lost a comments section for each post. This was functionality which was built into Blogger (my previous blogging platform) as a standard option, and I wanted to get it back The Ghost platform focuses primarily on the ease of creating the article, and…
This is how I think you can patch a large Windows Server estate on a regular basis balancing the needs of Infosec and a risk adverse corporation. Background In my wanderings round the internet, I've seen articles suggesting you should turn off Windows Update because of the latest patch releases…
Assuming you've already got AD object auditing turned on, the following XML XPath filter can filter the Security log of a DC to only return the events related to AD GPO changes <QueryList> <Query Id="0" Path="Security"> <Select Path="…
Recently, web security chap Troy Hunt released 306 million freely downloadable Pwned passwords and created a website to search them. I think this is a very useful resource and one which appears to me to be very well thought out by him. But should you send passwords already in use…
We use Qualys Vulnerability Management at work to scan our assets for vulnerabilities. I needed to identify which assets hadn't been scanned in a long time. This could be done through the web interface by going to Assets->Asset Search and searching for assets with a Last Scan Date…