Sys-Admin Up – Telegram
InfoSec, Hacks, Perks, Tools, IT/IS Courses, CVE… Contains part of the news that was not included in the Sys-Admin & InfoSec Channel (@sysadm_in_channel)
Forwarded from Sys-Admin InfoSec
/ Windows RDP Event IDs Cheatsheet

It is becoming more and more common for bad actors to manipulate or clear the security event logs on compromised machines, and sometimes RDP sessions don’t even register as just a type 10 logon, depending on the circumstance. RDP activities will leave events in several different logs as action is taken and various processes are involved.

https://www.socinvestigation.com/windows-rdp-event-ids-cheatsheet/
Came across this: a game in several languages. You program a hero, it walks around and collects crystals; different languages are available (Python, JavaScript, Lua) https://codecombat.com/play
Damn, Friday is such a fucking great day
Escaping VMware’s NSX Edge OS Jailed Shell

In this blog post we provide details about a CLI injection vulnerability that we discovered during a penetration testing engagement against VMware Cloud Director. The vulnerability was identified on NSX Edge OS version < 6.4.13:

https://www.secforce.com/blog/escaping-vmwares-nsx-edge-os-jailed-shell/
MicrosoftSecurity_Best_Practices.pdf
9.6 MB
Microsoft Security Best Practices

Microsoft Security Best Practices (known as the Azure Security Compass or Microsoft Security Compass) is a collection of best practices that provide clear actionable guidance for security related decisions. This is designed to help you increase your security posture and reduce risk whether your environment is cloud-only, or a hybrid enterprise spanning cloud(s) and on-premises data centers. This guidance was formerly referred to as Azure Security Compass and is now increasing in scope to encompass all Microsoft security guidance and capabilities, including Microsoft 365
A Method for Decrypting Data Infected with Hive Ransomware.pdf
3.6 MB
A Method for Decrypting Data Infected with Hive Ransomware
Bash Functions in Linux

When writing complex logic in Bash scripts, it makes sense to group it in reusable functions.
In this quick tutorial, we’re going to take a look at how to define and use Bash functions:

https://www.baeldung.com/linux/bash-functions
It would seem to be a typical situation: redirecting an NGINX HTTP/HTTPS WWW domain to the same domain, or to another one, without WWW.

Indeed, it is all simple, but there is a nuance: for the HTTPS WWW domain to work correctly, you need to add a small config that redirects to the required target.

Anyway, that is how this post came about, as a quick note: A concise NGINX config for redirecting with and without WWW

https://sys-adm.in/systadm/971-lakonichnyj-konfig-nginx-dlya-redirekta-s-www-i-bez.html
DNS diagnostic scripts that appeared as part of the BLD DNS project

There are 5 of them so far:
- DNS-TESTER
- BENCH-DNS
- CHECK-DNS-SERVERS
- MAC-DNS
- BLD-LOOKUP

I described each of them, with sample output from the scripts, on my Sys-Adm.in blog