
Brian Johnson braimee

@braimee
braimee / mostly_painless_cuckoo_sandbox_install.md
Last active Jan 21, 2021
Mostly painless Cuckoo Sandbox install

How to Build a Cuckoo Sandbox Malware Analysis System

I had a heck of a time getting a Cuckoo sandbox running, and below I hope to help you get one up and running relatively quickly by detailing the steps and gotchas I stumbled across along the way. I mention this in the references at the end of this gist, but what you see here is heavily influenced by this article from Nviso.

Build your Linux Cuckoo VM

  1. Set up an Ubuntu 16.04 64-bit desktop VM (download here) in VMware with the following properties:
  • 100 GB hard drive
  • 2 processors
  • 8 GB of RAM
braimee / Password_cracking_in_the_cloud.md
Last active Jan 16, 2021
Password cracking in the cloud
braimee / Tools_and_services_I_use_to_run_7_Minute_Security.md
Last active Dec 30, 2020
A list of tools and services I use to help run my business

Tools and services I use to run 7 Minute Security, LLC

This gist complements a series of podcast episodes I do called How to Succeed in Business Without Really Crying. In part 6 of this series I list a bunch of tools and services I use to help me conduct security assessments and also balance the taxes/books. Here is that full list in all its gist-y glory:

Google Domains

There are lots of registrars out there, and as far as I can tell, they offer about the same amount of features and same pricing for each domain. Since I have such a large footprint already in Google services with my account, moving domains under their roof was pretty easy and made sense. I've also had to use their technical support a few times and found the response times - and level of service - to be stellar.

Microsoft Office

You know it and probably love or hate it. Lots of people tell me "Just use Google Docs! Just us

braimee / SIEMple_SIEM_questionnaire_and_tests.md
Last active Dec 26, 2020
Some simple security tests you can run to test the effectiveness of your SIEM

Introduction

In episode 338 of the 7 Minute Security podcast, I talked about a recent engagement where I helped a customer do a bit of a SIEM solution bake-off. This gist is the companion to that episode, and is broken down into the following two sections:

  • Questionnaire - a series of questions you can ask SIEM vendors to gather as many data points about their products and services as possible

  • SIEM tests - a few tests you can conduct on your internal or external network to see if your SIEM solution indeed coughs up alerts on the things it should indeed whine about

Questionnaire

Introduction / Purpose

braimee / 7MS_episode_guide.md
Last active Dec 10, 2020
7 Minute Security podcast episode guide

7 Minute Security podcast - full episode guide

Below is a blurb on each podcast episode, as well as a link to the corresponding show notes (if available). I apologize but this gist is often a little outdated, so to view the show notes for the latest episodes be sure to also check out 7ms.us.


393: Interview with Peter Kim

Today features the long-awaited interview with Peter Kim of The Hacker Playbook series!


braimee / pwn-o-magic.md
Last active Dec 8, 2020
Pwning internal networks automagically

Intro

This document pools several awesome tools and blog entries together (see "Resources" at the end of this doc) in an attempt to automate the process of getting an initial foothold on a network in a situation where you have no valid credentials.

Download and install ntlmrelay

Ok, so one weird thing I'm trying to figure out: if I install ntlmrelay as the first tool we'll use, these steps seem to work ok:

git clone https://github.com/CoreSecurity/impacket.git /opt/impacket
cd /opt/impacket
pip install .
braimee / Active_Directory_dump_n_crack.md
Last active Nov 3, 2020
Active Directory hash dump n' crack methodology

Creating AD backup dump of user accounts and hashes

Upgrade to the latest version of PowerShell

Check your version with:

$PSVersionTable.PSVersion

If you are below Major: 5, Minor: 1, head to Microsoft's download site to get the latest version.

braimee / 7MS_Webinar_Series.md
Last active Aug 27, 2020
7 Minute Security Webinar Series

7 Minute Security Webinar Series

Below is a list of webinars hosted by 7 Minute Security:

Upcoming Webinars:

More coming soon!

Past Webinars:

Dealing with Rejection: A DMARC Discussion

Thursday, August 20, 2020 @ 10:00 a.m. CST

braimee / piholeblock.txt
Created Jun 10, 2020
PiHole test block list
steampowered.com
steamcommunity.com
steamgames.com
steamusercontent.com
steamcontent.com
steamstatic.com
akamaihd.net
braimee / Tweenager_cell_phone_contract.md
Last active Apr 7, 2020
Tweenager Cell Phone Contract

Below is the cell phone agreement I have with my kids. It was largely inspired by this contract which had some excellent ideas.


Tweenager Cell Phone Responsibilities

  • I understand that my cell phone is a privilege, not a right. Mom and dad can look at anything on my phone and take it away for any length of time and for any reason.

Quiet times

I will silence and put away or turn off my phone:

  • At 7:30 p.m. each night, and I will put the phone on the charger upstairs