Skip to content

Instantly share code, notes, and snippets.

Avatar

Brian Johnson braimee

View GitHub Profile
@braimee
braimee / LinkedIn_recruiter_response_template.md
Last active Mar 10, 2020
Tired of recruiters pinging you about positions you aren't interested in *BUT* you'd like to utilize their time/skills/talent to find gigs you DO want? Send this template to them!
View LinkedIn_recruiter_response_template.md

Tired of recruiters pinging you about jobs that you don't care about or are under/overqualified for, but you'd like to utilize their time/skills/talent to find gigs you DO want? Customize this template and send it to them!


Hello,

Thanks for your email. The position you sent me is not a fit, however, here are some of the things I’d be looking for if I were to consider another position:

  • A contract position would be my first choice, but I would go FTE for the right opportunity
@braimee
braimee / lowhanging.md
Last active Feb 26, 2020
Low-hanging hacker fruit (and how to remove it)
View lowhanging.md

Low Hanging Hacker Fruit

This gist focuses on (relatively) free and (relatively) easy things organizations can do to better protect their networks without buying yet another black box with blinking lights.

Got some ideas of your own that should be on this list? Please leave a comment below!

Implementing a stronger AD password policy

Microsoft has a great paper on the topic that gives some nice high level recommendations:

  • Use a unique password per site
  • Enable complexity
@braimee
braimee / WindowsCommandLineShortcutsAndTips.md
Created Apr 25, 2019
Windows command line shortcuts and tips
View WindowsCommandLineShortcutsAndTips.md

As heard on 7MS #357

Windows command line shortcuts and tips:

Creative ways to play with cmd

Basically, you can do Windows Key + R then type cmd and Enter for quick access to command line.

But lets do some more fun stuff. Wanna open a command window from the desktop and launch a command in one swoop? Try this:

View 7MS_Slack_channels.md

These are the Slack channels featured on the 7 Minute Security Slack channel:

7MSUG

A channel for the 7MS User's Group, which is slated to start monthly(ish) in January, 2019. Currently looking for interested sponsors, speakers and attendees!

BPATTY

Basically just a place to receive RSS notifications when the BPATTY project gets updated.

blueteam

Trying to stop those pesky pentesters and other adversaries? Share your favorite defensive tools, tips, scripts and strategies!

@braimee
braimee / NPK_quick_start.md
Last active Oct 17, 2019
Quick start guide to install NPK (https://github.com/Coalfire-Research/npk) on Ubuntu 18
View NPK_quick_start.md

This is an in-progress quick start install guide for NPK on Ubuntu 18.

From a new Ubuntu 18 box, install the essentials:

apt install unzip -y
apt install python3-pip -y
apt install jq -y
apt install npm -y
pip3 install awscli --upgrade —-user
View Turn_Windows_logging_up_to_11.md

Turn Windows Logging Up to 11

This document is intended to help you create a GPO you can push to your Windows endpoints and start gathering much more rich, verbose logging data. As I recently discussed on the podcast, Windows is a bit lacking in how much information gets logged in its out-of-the-box config.

Note: much of these settings were discovered when using the great LOG-MD tool, which you can download for free.


Turn Windows Logging Up To 11 (GPO)

View Pentest_lab_GPOs.md

Pentest lab GPOs

Note: this set of GPOs accompany's a YouTube video all about building your own pentest lab

Personally, when I setup an internal/test/pentest Active Directory environment I like to leave some settings the way most client environments are setup - both for ease of management and easier attacks, so that includes spinning up the following GPOs:

Enable RDP on desktops Create a new GPO and link it whatever OU your workstations are in, and set Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Connections and set Allow users to connect remotely using Remote Desktop Services to Enable

Then, create a security group in AD, called RDP-peeps for example, that you want to allow to RDP into all workstations.

View ADSecurity101.md

Active Directory Security 101

This document complements the Active Directory security topics talked about on the 7 Minute Security podcast miniseries related to Active Directory - specifically #329. The purpose of this doc is to compile resources we can all use to make our Active Directory environments more physically and logically secure. Here we go....

Practice good physical security

I can't tell you how many companies I've run into that have flippin' Fort Knox around their DCs at their primary office (cameras, motion detectors, angry guard dogs, snipers, etc.) but then the branch office has a DC under the receptionist's desk with no security controls. Make sure all domain controllers are physically locked down. I think a good minimum config is to have the DC locked in a room with keycard access - where only a subset of employees have physical access.

Put users in a least priv

@braimee
braimee / Fixing_unquoted_service_paths.md
Last active Jan 5, 2019
How to fix unquoted service paths
View Fixing_unquoted_service_paths.md

In episode #341 of the 7 Minute Security podcast I talked about how to identify - and remediate - the unquoted service path vulnerabilities you might see pop up on a vulnerability scan. Here's the breakdown of resources that will help you understand and fix this pesky vuln:

  • Here's a great article describing unquoted service paths and why they're a risk to your enterprise.

  • If you want to create a fake service with unquoted service paths so you can then test fixing it, check out this gist which has you run something like the following:

New-Service -Name 'TotesFakeService' -BinaryPathName 'C:\program files\system32\something.exe' -DisplayName 'Totes Fake Dude' -StartupType Manual
@braimee
braimee / CryptoLockerd.md
Last active Nov 15, 2018
This is an infosec-themed song called CryptoLocker'd
View CryptoLockerd.md

You can listen to this song on episode #276 of the 7 Minute Security podcast

Verse 1

You said you wouldn't do it
You said you wouldn't click that link
But you totally did
It’s clear you didn’t stop and think
How the promise of a free burrito would be all that it took
To open up our networks to virtual crooks