Dana Epp
More pwnage... privesc to root in pwncat using dirtypipe
For the pwncat fans out there, I bring you privesc to root via CVE-2022-0847.
Search
Dana Epp
- Feb 12
- 1 min
Automatically privesc to root in pwncat using pwnkit
I released a custom pwnkit module for pwncat that automatically exploits CVE-2021-4034 to priv esc to root. Enjoy!
Dana Epp
- Feb 10
- 8 min
Why security research in the MSP space is abysmal
Security research in the MSP space is abysmal. Huntress is going to have a hard uphill battle getting vendors to participate in bug bounties
Dana Epp
- Feb 7
- 6 min
How to approach reverse engineering ELF x64 buffer overflows these days
So this weekend TryHackMe released a new challenge room called DearQA. It's marked as an Easy room, and it didn't take much time at all...
Dana Epp
- Jan 21
- 1 min
Detonate your log4shell payloads safely with Lumberjack Turtle
Safely do recon, find a vulnerable target and detonate your JNDI injection payloads to get root in this TryHackMe challenge room I wrote.
Dana Epp
- Jun 20, 2021
- 1 min
Honeytokens: Detecting Attacks to Your Web Apps Using Decoys and Deception
Recently I had the opportunity to present my views on how to use honeytokens to help you detect early on in the attack chain when hackers...
Dana Epp
- Feb 20, 2020
- 1 min
How to detect when emergency accounts are used in Azure AD
So in the latest episode of #KnowOps I help a community member out by showing how to setup Azure to detect and alert when emergency...
Dana Epp
- Feb 13, 2020
- 1 min
How to secure your Azure storage accounts properly
Azure relies heavily on Azure Storage. From your VM disks to your application queues, chances are you have sensitive data already saved...
Dana Epp
- Feb 6, 2020
- 1 min
How to restrict network access to Azure Key Vault
So in this week's episode of #KnowOps I help answer the question on how to lock down Internet access to your Azure Key Vault through the...
Dana Epp
- Feb 2, 2020
- 1 min
Azure Fundamental for Ethical Hackers and Special Ops Team
Fellow MVP and ethical hacker Nino Crudele has released an awesome free whitepaper on the Azure Fundamental for Ethical Hackers and...
Dana Epp
- Jan 30, 2020
- 1 min
How to use Managed Identities to access Azure resources securely
New episode of #KnowOps is out. I demonstrate how you can use "managed identities" inside of a virtual machine running in Azure to access...
Dana Epp
- Jan 23, 2020
- 1 min
How to keep your 'secrets' secret in Azure
Latest episode of #KnowOps is out. I show how to use Azure Key Vault to protect secrets that you can use pretty much everywhere in Azure,...
Dana Epp
- Jan 16, 2020
- 1 min
ARM Template Basics
You gotta ❤ the power of Infrastructure as Code. Being able to describe your cloud environment in a text file and spin it up with a...
Dana Epp
- Jan 9, 2020
- 1 min
How to learn Azure for FREE in 2020
Throughout 2019 I took time every month to brush up on my skills in Azure. I paid for online courses, attended seminars and even...
Dana Epp
- Dec 29, 2019
- 1 min
Helping to understand Azure from an AWS perspective
If you are an AWS professional coming to Azure it can be easy... and yet confusing. Azure and AWS built their capabilities independently...
Dana Epp
- Dec 20, 2019
- 1 min
How to setup your Azure Subscriptions the right way
In the latest episode of #KnowOps I help clarify how you should consider setting up your Azure subscriptions when you first start...
Dana Epp
- Dec 6, 2019
- 1 min
Recon your Azure resources with Kusto Query Language (KQL)
Latest episode of #KnowOps is out. I introduce you to how I sift through millions of records of audit data in Azure in a matter of...
Dana Epp
- Nov 22, 2019
- 1 min
How to keep up with changes in Azure (CHECK OUT THIS AWESOME TOOL!)
It seems like almost every day Microsoft makes improvements to Azure. Being a better Azure administrator means you need to keep up with...
Dana Epp
- Nov 8, 2019
- 1 min
What pizza and Azure cloud computing have in common
Another episode of #KnowOps you might be interested in. I talk about the different cloud computing options in a way for new admins to...
Dana Epp
- Oct 30, 2019
- 1 min
Is your data secure in Azure?
Recently I have had the opportunity to engage with peers on social media about how secure their data is in Azure. It brought up some...