Use AWS Security Token Service (STS) to let low-privileged user temporarily assume privileged role in other account

Imagine one of your contractors usually does not need access to your AWS S3 buckets (or only access to buckets … More Use AWS Security Token Service (STS) to let low-privileged user temporarily assume privileged role in other account

Script to set up port forwarding, start/stop & automatically SSH into headless VirtualBox VM

Virtual machines are very useful not only on servers or in cloud environments, but also installed locally on a workstation … More Script to set up port forwarding, start/stop & automatically SSH into headless VirtualBox VM

“Stealing the environment” – Insecure password injection in scripts and containers via environment variables

An “interesting” part when working with APIs or runtime environments like containers is of course credential management. Somehow you have … More “Stealing the environment” – Insecure password injection in scripts and containers via environment variables

Quick and easy setup for NetworkMiner and Suricata to perform network forensics

Many people know Suricata as network intrusion detection (IDS) system, i.e. acting on live traffic; many people know NetworkMiner as … More Quick and easy setup for NetworkMiner and Suricata to perform network forensics

Script to enumerate Windows events with name, ID, security monitoring recommendation, URL

When setting up and tuning a SIEM solution, you will write a lot of rules to detect well-known and arising … More Script to enumerate Windows events with name, ID, security monitoring recommendation, URL