This article introduces a professional-grade PowerShell script that identifies Domain Controllers using native .NET sockets, bypassing the overhead of standard administrative cmdlets. Most internal reconnaissance starts with finding the Domain Controllers. While a simple nslookup -q=srv _ldap._tcp.dc._msdcs.domain.local works, it has three major flaws: Hard-coding: It assumes you already know the domain name. Parsing: It returns Read More …
Category: Computers
Tool Overview: theHarvester
theHarvester is an open-source tool designed for the reconnaissance phase of a penetration test or security audit. Developed by Christian Martorella, it is written in Python and serves as a framework for gathering open-source intelligence (OSINT). Its primary function is to collect emails, subdomains, hosts, employee names, open ports, and banners from various public data Read More …
Tool Overview: Maigret
Maigret is an open-source intelligence (OSINT) tool designed to automate the process of username reconnaissance. Developed as a fork of Sherlock, Maigret expands upon the concept of searching for a specific identifier across a vast array of websites to build a profile of an individual’s digital footprint. Core Functionality Maigret operates by taking a single Read More …
Automating the Audit
Stop Staring at DNS Records If you are new to Information Security, you’ll quickly learn that visibility is your best friend. One of the first things I look at when assessing a domain’s posture is its DMARC (Domain-based Message Authentication, Reporting, and Conformance) record. DMARC tells the world how to handle emails that claim to be Read More …
A Powerful OSINT Tool for Username Discovery
The ability to gather intelligence efficiently is a foundational skill. One effective tool for early stages is Sherlock. Named after the legendary detective, Sherlock is an open-source, Python-based tool designed to help security professionals and researchers locate a specific username across hundreds of different websites and social media platforms simultaneously. How Sherlock Works Sherlock operates Read More …
SPA – Single-Page Application
Modern Web Architecture and Security This was a new term for me as I started putting together my most recent study guide. SPA, which stands for Single-Page Application. While it sounds like a simple website, an SPA represents a fundamental shift in how web applications function, bringing unique challenges to the world of information security. Read More …
Connecting Code to Capital: Understanding EPS
In the IT sector, we often measure success through “per unit” metrics: requests per second, cost per gigabyte, or tickets per agent. In the world of public markets and executive leadership, the ultimate “per unit” metric is EPS, or Earnings Per Share. For an IT professional aiming for a managerial role, EPS is the bridge Read More …
Cloud Formation Example
Imagine you’re a System Administrator tasked with setting up a new environment. Traditionally, this involves a long checklist: log into the console, click through menus to create a VPC, spin up three VMs, configure storage, attach security groups, and set up a load balancer. If you need a second environment for testing, you have to do Read More …
Fine-Tuning an AI
We’ve talked about grounding (giving an AI a textbook to look at) and prompting (giving an AI clear instructions). But sometimes, you don’t just want the AI to look at a book; you want the AI to become an expert in its bones. This is called Fine-Tuning. Generalist vs. Specialist Think of a standard AI Read More …
IaC – Infrastructure as Code
The Recipe for Modern IT In the traditional world of IT, setting up a server was a craft. A sysadmin would log in, click through menus, install packages, and tweak settings until everything worked. I know, I did this job for much of my early career. But much like a chef cooking a complex signature Read More …