News
Ok with my AI companion GROK I’ve gone exploring on the differences between Japan’s new cyber laws and the UK! This is more GROK than me, but I thought people might find this interesting!
Read more “Japan goes on the Cyber Offensive”
Hacking
TLDR: If you have been hunting for privescs before you will know it’s normally not a fast task, you will have a shed ton of data to look at. Sure WINPEAS is good but it’s not a silver bullet.
Here is a really small script which focuses on system administration files/scripts, scheduled tasks and scheduled task history to help you hunt for weaknesses:
Read more “Priviledge Escalation Hunting – Scheduled Tasks and Scripts”
Education
Useful for a range of defensive and offensive purposes, internet asset search platforms enable a range of activities from:
Each has its own interfaces, features, dataset sand styles.
I’ve put together a list of the most popular, there may be more that I haven’t listed.
Read more “Passive Port Scanners & Internet Asset Discovery Platforms”
Defense
I do not know Mr Martin, but I would assume that his role at NCSC and GCHQ would have given him a good insight into the realities of cybercrime, cyber terrorism, nation state affairs and how to effectively defend against cyber criminals (and other threat actors) so please read this blog as it is intended, it’s an analysis on the quoted statements and reporting style and general view of mine about current cyber war rhetoric, not an analysis of the person. Why am I writing this? Well, I am seeing an increased level of FUD, snake oil and cyber war rhetoric and I wanted to share some of my thoughts, opinions, and ideas in this space. For it is far too easy to call for war and in cyberspace do we even know what that means? Read more “Combating Cyber Crime: Should we really be charging to cyber war?”