Wanderlist - rra-dev/studious-garbanzo GitHub Wiki


tags:

  • WL

Wanderlist

Where weird ideas, oddities and irregulars go to grow

Twitter Bookmarks

[!todo]- ### 20220913.Y5

[!tip]- #### Bookmarked Thread https://twitter.com/arekfurt/status/1569677328736821250?s=20&t=JGiGfm8Pa5O5TmHEvwRjGA

[!info] #### Base Thread https://twitter.com/DrAzureAD/status/1569643089068802054?s=20&t=stdv0BQUC0FNoaS8SjhVUg

[@Secureworks](https://twitter.com/Secureworks)

just released a threat analysis regarding flaws our team found in [#AzureAD](https://twitter.com/hashtag/AzureAD?src=hashtag_click) Pass-through Authentication (PTA). [https://secureworks.com/research/azure-active-directory-pass-through-authentication-flaws…](https://t.co/EFLqih9OPP)

The flaws allow threat actors to:

  • Gather credentials
  • Login with invalid credentials
  • Conduct DoS attacks

1/3

How is this different from previous PTA exploits like [#AADInternals](https://twitter.com/hashtag/AADInternals?src=hashtag_click) PTASpy?

  • After the initial compromise of a PTA agent, the exploitation is remote
  • Exploitation can't be detected from the Azure portal or logs
  • Exploit is persistent

2/3

What can administrators do if they detect a compromised PTA agent?

  • Contact Microsoft support to remove the agent

How to protect / prevent?

  • Treat all servers with PTA agent as Tier 0

3/3

[!note] #### Notes / Comments

  • None yet

#todo #AzureAD #MS #IAM

[!todo]- ### 20220909.D6

[!tip]- #### Bookmarked Thread https://twitter.com/0gtweet/status/1568266401978404865?s=20&t=JGiGfm8Pa5O5TmHEvwRjGA

[!info] #### Base Thread https://twitter.com/0gtweet/status/1568266401978404865?s=20&t=JGiGfm8Pa5O5TmHEvwRjGA

Do you know Windows records most important events related to the boot process in a dedicated binary log? A history of hundreds of boots. I believe it’s a cool [#DFIR](https://twitter.com/hashtag/DFIR?src=hashtag_click) artifact, but I have never seen any tool parsing it. So, I have written one in PowerShell. Enjoy:

[!note] #### Notes / Comments https://github.com/gtworek/PSBits/blob/master/DFIR/Extract-BootTimes.ps1

#MS #PS #DFIR #todo

[!done]- ### 20220908.01

[!tip]- #### Bookmarked Thread https://twitter.com/jaredcatkinson/status/1567868085704753154?s=20&t=JGiGfm8Pa5O5TmHEvwRjGA

[!info] #### Base Thread https://twitter.com/jaredcatkinson/status/1567868085704753154?s=20&t=JGiGfm8Pa5O5TmHEvwRjGA

The latest post in my [#OnDetection](https://twitter.com/hashtag/OnDetection?src=hashtag_click) series asks "what is a procedure". It seems that we all have trouble pinning down exactly what it is & as a result there are many definitions. I propose a precise definition building on the ideas developed in this series.

https://posts.specterops.io/on-detection-tactical-to-function-810c14798f63

[!note] #### Notes / Comments Philosophy article

#OP-ED

[!todo]- ### 20220907.01

[!tip]- #### Bookmarked Thread https://twitter.com/iamtrask/status/1567487724466372609?s=20&t=CaoAGAX7owOpwx3G1IhQRA

[!info] #### Base Thread https://twitter.com/iamtrask/status/1567487724466372609?s=20&t=CaoAGAX7owOpwx3G1IhQRA

This series of [#Jupyter](https://twitter.com/hashtag/Jupyter?src=hashtag_click) [#Notebooks](https://twitter.com/hashtag/Notebooks?src=hashtag_click) is a VERY nice step-by-step intro to data science and machine learning. If you're just starting out - I recommend walking through these notebooks as a first primer. Definitely a great [#100DaysOfMLCode](https://twitter.com/hashtag/100DaysOfMLCode?src=hashtag_click) project [https://github.com/rasbt/python-machine-learning-book-2nd-edition](https://t.co/RA7c8jgzNS)

https://github.com/rasbt/python-machine-learning-book-2nd-edition

[!note] #### Notes / Comments

#Python #ML #Jupyter #todo

[!done]- ### 20220829.01

[!tip]- #### Bookmarked Thread https://twitter.com/BentleyAudrey/status/1564275898135855106?s=20&t=CaoAGAX7owOpwx3G1IhQRA

[!info] #### Base Thread https://try.jupiterone.com/blog/cybersecurity-doesnt-have-to-suck-lets-fight-cynicism-and-burnout?utm_source=cyfluencer&utm_medium=influencer_library

# Cybersecurity doesn’t have to suck. Let’s fight cynicism and burnout.

IN Blog, Cyber Asset Visibility and Management | August 25, 2022 BY Ashleigh Lee

[!note] #### Notes / Comments

  • None yet

#OP-ED

[!todo]- ### 20220827.01

[!tip]- #### Bookmarked Thread https://twitter.com/Securityblog/status/1563627492996415488?s=20&t=CaoAGAX7owOpwx3G1IhQRA

[!info] #### Base Thread https://medium.com/proferosec-osm/multi-factor-authentication-in-the-wild-bypass-methods-689f53f0b62b

Multi-factor Authentication In-The-Wild bypass methods | by Yuval Fischer | ProferoSec | Medium

[!note] #### Notes / Comments

  • None yet

#MFA #todo

[!todo]- ### 20220826.01

[!tip]- #### Bookmarked Thread https://twitter.com/startme/status/1563225274673942532?s=20&t=CaoAGAX7owOpwx3G1IhQRA

[!info] #### Base Thread

This [#OSINT](https://twitter.com/hashtag/OSINT?src=hashtag_click) page full of resources has managed to reach the biggest audience in the last week. Can you guess why? [https://start.me/p/rx6Qj8/nixintel-s-osint-resource-list](https://t.co/kNlfZoxwTS)

https://start.me/p/rx6Qj8/nixintel-s-osint-resource-list

[!note] #### Notes / Comments

  • None yet

#OSINT #todo

[!example]- ### Example {{date.#1}}

[!tip]- #### Bookmarked Thread https://whatever.com

[!info] #### Base Thread https://actual.source.com

Stuff in the thread
more stuff
even more stuff

[!note] #### Notes / Comments

  • Nothing yet
  • Still nothing

#todo added other tags
