Keybase proof
I hereby claim:
- I am braimee on github.
- I am braimee (https://keybase.io/braimee) on keybase.
- I have a public key ASCeG7oR4oiDB9VO2kYrb6O-VhTh27LUSHFJ56EMM_jucwo
To claim this, I am signing this object:
braimee
/ keybase.md
Created Aug 17, 2016
View keybase.md
View 7MS_episode_guide.md
7 Minute Security podcast - full episode guide
Below is a blurb on each podcast episode, as well as a link to the corresponding show notes (if available). I apologize but this gist is often a little outdated, so to view the show notes for the latest episodes be sure to also check out 7ms.us.
393: Interview with Peter Kim
Today features the long-awaited interview with Peter Kim of The Hacker Playbook series!
braimee
/ Patching_solutions_bake-off.md
Last active Sep 7, 2017
View Patching_solutions_bake-off.md
| Patching solution bake-off | PDQ Deploy/Inventory | Ninite | ManageEngine | ivanti |
|---|---|---|---|---|
| Agent or agentless | Agentless (w/option coming in Q4 for an agent install) | Agent | Both | Both |
| LAN/cloud centralized administration | LAN only | Cloud only | Both | LAN only |
| Can push Microsoft updates? | Cumulative monthly updates | No | Yes | Yes |
| Can work w/non-MS machines (Macs/Linux)? | Can identify device type but not actively inventory/patch non-MS | No | Yes - Mac/Linux agent and ability to push patches (!) | Yes - via Ivanti patch for Linux/Unix/Mac environments |
| Training/certification | Hefty Youtube training library | Unknown | Training videos library easily available from inside the Web interface. Also it looks like they do a Webinar each Patch Tuesday about the latest MS patches. | Yes check out this |
| Pricing model | Per admin console (PDQ is ok with one |
braimee
/ CryptoLockerd.md
Last active Nov 15, 2018
This is an infosec-themed song called CryptoLocker'd
View CryptoLockerd.md
You can listen to this song on episode #276 of the 7 Minute Security podcast
Verse 1
You said you wouldn't do it
You said you wouldn't click that link
But you totally did
It’s clear you didn’t stop and think
How the promise of a free burrito would be all that it took
To open up our networks to virtual crooks
braimee
/ LinkedIn_recruiter_response_template.md
Last active Mar 10, 2020
Tired of recruiters pinging you about positions you aren't interested in *BUT* you'd like to utilize their time/skills/talent to find gigs you DO want? Send this template to them!
View LinkedIn_recruiter_response_template.md
Tired of recruiters pinging you about jobs that you don't care about or are under/overqualified for, but you'd like to utilize their time/skills/talent to find gigs you DO want? Customize this template and send it to them!
Hello,
Thanks for your email. The position you sent me is not a fit, however, here are some of the things I’d be looking for if I were to consider another position:
- A contract position would be my first choice, but I would go FTE for the right opportunity
View Password_cracking_in_the_cloud.md
This document is under construction, but is intended to get you up and running quickly with cracking hashes in the cloud using the Paperspace service.
Resources used for this article:
Setting up a cracking box using Paperspace
braimee
/ Active_Directory_dump_n_crack.md
Last active Nov 3, 2020
Active Directory hash dump n' crack methodology
View Active_Directory_dump_n_crack.md
Creating AD backup dump of user accounts and hashes
Upgrade to latest version of PowerShell
Check your version with:
$Psversiontable.psversion
If you are below Major: 5, Minor:1 head to Microsoft's download site to get the latest.
View pwn-o-magic.md
Intro
This document pools several awesome tools and blog entries together (see "Resources" at the end of this doc) in an attempt to automate the process of getting an initial foothold on a network in a situation where you have no valid credentials.
Download and install ntlmrelay
Ok, so one weird thing I'm trying to figure out is if I install ntlmrelay as the first tool we'll use, these steps seem to work ok:
git clone https://github.com/CoreSecurity/impacket.git /opt/impacket
cd /opt/impacket
pip install .
braimee
/ mostly_painless_cuckoo_sandbox_install.md
Last active Jan 21, 2021
Mostly painless Cuckoo Sandbox install
View mostly_painless_cuckoo_sandbox_install.md
How to Build a Cuckoo Sandbox Malware Analysis System
I had a heck of a time getting a Cuckoo sandbox running, and below I hope to help you get one up and running relatively quickly by detailing out the steps and gotchas I stumbled across along the way. I mention this in the references at the end of this gist, but what you see here is heavily influenced by this article from Nviso
Build your Linux Cuckoo VM
- Setup a Ubuntu 16.04 64-bit desktop VM (download here) in VMWare with the following properties:
- 100GB hard drive
- 2 procs
- 8 gigs of RAM
View 7mi.md
7 minute interviews? What's that?
It's a new (and hopefully fun) interview format I want to engage in with members of the information security community on the 7 Minute Security podcast.
Wait wait wait. Who are you? What's this all about?
I'm Brian from 7 Minute Security, LLC and I've been having a blast doing some longer-form interviews with security folks, but I thought it would be fun to do a shorter-form outline where I ask 7 questions (ok, maybe a few more than 7...but I like lucky numbers). Some questions will be serious. Others will not.
Ok I'll bite. What kind of questions would you ask in this 7-minute interview?
Check these out:
OlderNewer