GatewayD Labs’ Post

Improve your Active Directory security with the new Adalanche v2024.1.11 release! It's been 8 months since the last release, and here's what happened since then: - UI refresh based on BootStrap in dark mode (halfmoonui 2.x) - Queries now have dedicated input fields for targets, middle nodes and outer nodes (easier to search for e.g. path from DC to person) - New layout engine COSE Bilkent (available in the visualization panel) - Improved info on exposed cPasswords - Internal node class is now available as 'type' attribute - ForeignSecurityPrincipal is almost gone now, as it wasn't adding value in the graph - You can export words from the domain to a file, for use with hashcat rule cracking if you're doing password audits - New edges: constrained delegation, interitssecurity - New attribute: publishedby (who publishes a cert template) - Updated the readme/docs/screenshots to reflect changes - Lots of bugfixes and engine improvements There are also sample data available in my "adalanche-sampledata" Github repository, so you can take it for a spin without extracting data from your production environment. Please share with your friends and colleagues - and I love feedback, good or bad. The new release is here: https://lnkd.in/d-TmYu8X

Now fully tested and complete with a usage message just to make it the easiest thing in the world to automate an Arch installation tailored to how I do it.

Spent the last week updating Corelight Elastic dashboards. This involved a lot of fixing of existing search queries. I did get to spend a good amount of time with Keith Jones, Ph.D., as he walked me through the BacNet protocol as we created the first of the ICS protocol dashboards. A single page breaks down Zeek BacNet in the following ways: the overall number of reads/writes and errors to get an overall feel of the network. From there it is then broken down into a few simple questions; are there any BacNet connections from outside your local network? Who is sending write requests, how many devices, and what are the vendors on your network? If there is any feedback or requests, please let us know. https://lnkd.in/gyRZwm7N

In today's release 25.0.0 of the OSS Review Toolkit (ORT) we have completed the process of upstreaming all of our additions to ORT core for leveraging the Double Open Server (DOS) as a scanner wrapper and package configuration provider. 🎉 https://lnkd.in/eC45NZx4 With its file-level reuse of scan results and clearance information, DOS significantly reduces the turn around times for incremental scans and the compliance process as a whole! 🚀 #oss_compliance_with_oss_tools

The Cozystack v0.7.0 release stabilizes the operation with tenant Kubernetes clusters and networking: - Kube-ovn and Cilium have been updated to the latest versions - Resolved an issue with pod communication in tenant Kubernetes clusters - Fixed the problem with propagating correct DNS servers in user clusters - Addressed incorrect handling of users and roles in the config of the Postgres application - Resolved issues with non-functioning externalTrafficPolicy: Cluster - Autocompaction and periodic defragmentation have been enabled for etcd. - It is now suggested to use the domain cozy.local for the parent cluster, enabling services created in the parent to be reached from tenant Kubernetes clusters using a single DNS name or FQDN. https://lnkd.in/eAvnumuw

Hi guys, I read a couple of articles about the Crowdstruke remediation and everything I saw makes it seem like for all situations you 100% have to go by hand and wanted to share a solution that may help you. Especially if you are mostly VMware and do not have Bitlocker in the picture. I’ve documented some steps to create a WinPE image you can boot to and fix without requiring user input… I’ll link them at the bottom. The high level is creating a WinPE image that has a script built in to do the deletion and then either reboot or shut down the system. Using PowerCLI you can automate swapping over to boot from Cd, Mount the iso, and power the VM up. I put together a POC on a test box and it only requires a few seconds and given that there is no user input required it should scale nicely. I swap to CD boot order, mount the ISO, power the VM up… the last step of the removal script is to power down the VM (let’s you know the VM is down) once powered down swap the boot order back, dismount the ISO, and bring the VM back up. If you are having a hard time with it let me know, happy to help. https://lnkd.in/d28HjsCW

A CLI tool to share select environment variables with someone else, easily and securely. This tool is built on top of magic-wormhole, which allows for secure, accountless P2P transfer of data.

Building on my previous work on codecrafters simple http server challenge, link to see the challenge https://shorturl.at/zSqVg I started implementing the handler function. It functions as the server's brain and handles the following: Identifying valid requests. It checks for typical HTTP methods (GET/POST) and ensures that the requested endpoint exists (for example, "echo" or "user-agent"). Crafting responses: It generates appropriate answers based on the request type and endpoint used. For example, a legitimate "echo" request will return a 200 OK response with the echoed content in the body and Content-Type and Content-Length headers sets. Error handling: If the request method or endpoint is invalid, the server will send a 404 Not Found message. next I will do endpoint functionalities, based on my code do you have any tips or suggestions how to approach?

The new Release of SDI2DDL is out 🎉 . Shout out to Frederic Descamps for his contributions 🙏 . This version highlights: - Add support for Generated Invisible Primary Key (GIPK) - Merci LeFred. - Fixed default value for datetime fields - Merci Lefred (again). - Print the default collation for the table. - Fixed functional index skipping columns. Check it out: https://lnkd.in/dKqiEu46 #mysql #opensource

Cozystack v0.9.0 Release: Enhancing Stability for User Kubernetes Clusters The release of Cozystack v0.9.0 (https://lnkd.in/gEpqA3FN) is now available for download, installation, or updating your existing installation. Key Updates in Kubernetes Application: — Node Groups: Allow upgrading existing node groups. — Version Upgrade: Kubernetes and its surrounding tooling have been updated to v1.30.1, bringing the latest features and improvements. Other Component Updates: — KubeVirt: Updated to version v1.2.2, bringing enhanced virtualization capabilities. — Kamaji: Updated to version v1.0.0, providing better control plane management. — Cluster API: Updated with hardcoded component versions to ensure stability and compatibility. — Piraeus: Updated to version v2.5.1, enhancing storage management and performance. Download the latest version of Cozystack v0.9.0 to take advantage of these enhancements: https://lnkd.in/gEpqA3FN