PingCastle

by Vince
in Blog

PingCastle is an auditing tool and oddly, when you view their website, they don't have an actual description of the product.  The site jumps straight into the uses, features, and benefits. 

In a nutshell, PingCastle quickly generates a comprehensive assessment of the overall posture of the domain.  For example, is SMBv1 enabled?  Can we attack the network with LLMNR poisoning because we're allowing NetBIOS over TCP?  But it goes beyond the low-hanging fruit: it gets into the granular settings for AD accounts and it makes suggestions on how to better configure the domain. 


CyberChef

by Vince
in Blog

When I spoke at BSides earlier this year, I met a guy who works for a company that provides SOC as a service.  Our skills are not the same and if anything, he's on the receiving end of what I've created.  I had a question about some of the obfuscation techniques I use -- specifically, I wanted to know how someone would approach the obfuscated code.  He mentioned a tool -- CyberChef.  I'd never heard of it and looking back, I don't know how I haven't heard of it.  The description from their site states:  "CyberChef - The Cyber Swiss Army Knife".


Burp Suite : Failed to load module "canberra-gtk-module"

by Vince
in Blog

On Kali, Burp Suite comes preinstalled as a self-contained application inside of a .jar file.  I've never actually looked but I assume the shortcut is just something along the lines of java -jar burpsuite.jar (or whatever the full name is...).  On my Ubuntu system, Burp is installed via the installation script.  That was a choice I made for no particular reason but when Burp is upgraded, it isn't as simple as replacing a .jar file.  The download is a Bash script and while the previous upgrades have worked flawlessly, upgrading to 2020.5 fails to complete installation:
