PowerShell Script – VMware vCenter CVE-2021-21972 Scan Tool

In this post, I am releasing a PowerShell POC script that will scan the specified target hosts and attempt to detect those that are vulnerable to VMware vCenter CVE-2021-21972. You can find the script, Invoke-CVE-2021-21972-Scan.ps1, on my github here: https://github.com/robwillisinfo/VMware_vCenter_CVE-2021-21972 Continue reading

Invoke-Decoder – A PowerShell script to decode/deobfuscate malware samples

I have been spending a lot of time reviewing PowerShell based attacks and malware over the last few months and I wanted to take some time to really understand how some of the common obfuscation techniques really work under the Continue reading

Everything You Need To Know To Get Started Logging PowerShell

Intro Recently, I have been spending a lot of time researching and working with PowerShell logging. Since PowerShell is readily available (built-in to the OS) and has an assortment of functionality that can be used across the entire kill chain Continue reading

Installing ELK 7 (Elasticsearch, Logstash and Kibana) – Windows Server 2016 (Part I)

I am a huge fan of the Elastic stack as it can provide a great deal of visibility into even the largest of environments, which can help enable both engineering and security teams rapidly triage technical issues or incidents at Continue reading

PowerEdge R610 – Updating Firmwares When the LifeCycle Controller Fails

Why You Should Always Update Firmwares! Security patches, new features and bug fixes – These are all very good reasons to ensure firmwares are up to date before moving your new servers into production. Things like the BIOS, RAID Controller, Continue reading

ELK Stack – Installing and Configuring Curator

In this post I am going to quickly cover what is needed to get Curator up and running on the ELK stack. In the last few posts about the ELK stack I covered everything needed to get it installed, configured Continue reading