Tag Archives: infosec

Kansa: A PowerShell-based incident response framework
Known unknowns and unknown unknowns. If you follow information security, you know that information systems are constantly under attack and often fall victim to adversaries looking to make a quick…

Live Incident Response with PowerShell
We often see the offensive capabilities of PowerShell hit the headlines as it is more attractive. It’s good to know and see what attackers do to penetrate your network, execute…

Investigating PowerShell Attacks
“Huh, that’s weird. Look at this system. I think the attacker used PowerShell.” It was late summer 2012, and we were working on an incident response investigation for a Fortune…

Posh-Shodan module for the Shodan service
What is Shodan? Shodan is a search engine that lets one find hosts on the internet using a variety of filters. The search engine is constantly scanning and updating its…

Veil-PowerView
I was led to PowerShell in the past few years as it began to rise to prominence in the information security community. As a penetration tester and red teamer for…

Introduction to the PoshSec Framework
In March of 2013 I had the desire to create an open source Security Information and Event Management system, also known as a SIEM. I had wanted to create something…