• Home
  • Resume
  • About
  • Contact
  • PGP Key
Blog Logo

Wylie Bayes

Geek things

OpenBSD Powershell Blog
Ghost Blogging Platform - Installation on OpenBSD 6.7 -stable

Ghost Blogging Platform - Installation on OpenBSD 6.7 -stable

26 May 2020
I originally published this on: https://hackersnhops.com/openbsd-6-7-ghost-platform/…
Continue Read

Building A Detection Lab With Security Onion

04 Oct 2019
Google Docs Slides - https://docs.google.com/presentation/d/1ojFY5Jvc6M9dKXs1qSuh6UoWc2zqL6xREbojRL921bU/edit?usp=sharing PDF Slides - https://wmfb.co/txt/SecOnion_DetectLab.pdf Above are the slides that were presented at the Security Onion + Bsides Augusta conference on October 4th 2019. Recorded talk on YouTube:  https://youtu.be/JOvWCQ-PHHY…
Continue Read

Alternate Data Streams, and Extended File Attributes.

24 Aug 2019
Alternate data streams (ADS) are an NTFS file system only capability to be able to add data onto an additional "Stream" of a file without altering the contents of the file itself, or modify it's hash value in anyway.   First we are going to create a new file, and add some data into it.  This can be any type of file, or an already existing file as long as it resides on an NTFS partition. Creating a new file, adding…
Continue Read
AlienVault OTX(Online Threat Exchange) - Powershell IoC Collector

AlienVault OTX(Online Threat Exchange) - Powershell IoC Collector

19 Mar 2018
So I wanted to automate IoC(Indicators of Compromise) collection and discovered AlienVault OTX product. I work in a primarily windows workstation environment and Powershell is my goto language for just about everything since since it is native on every system since Windows 7. Below is a script I developed to gather indicators from all subscribed pulses on OTX with powershell. It gathers each indicator by type, IE: IPv4, URL, Hostname etc, and then exports each seperate indicator type into…
Continue Read

Abusing Tenable Nessus / Security Center with Audit Files and Powershell. #Nessus #Infosec #ExploitDelivery #RBACBypass #InsiderThreat

27 Jul 2017 Powershell • Blog
Title: Abuse of Tenable Nessus/Security Center with Audit Files and Powershell. Class: Exploit Delivery System/RBAC Bypass/Insider Abuse/Pivot Vector. Signed PDF with Keybase PGP key Wylie's PGPKey Date Published: 2017-07-27 Last Update: 2017-06-22 Vendors contacted: Tenable Network Security - https://www.tenable.com 2016-12-05 - First notification sent by Wylie Bayes to Tenable Consultant Jack Daniel. 2016-12-07 - Acknowledgement of first notification received from Tenable team. 2017-01-04 - Sent follow up email for progress update to Tenable…
Continue Read
OpenBSD -current IPv6 Router.  Clients: #Windows, #Android, #Linux, #Openbsd.  Xfinity/Comcast cable internet. Native #IPv6

OpenBSD -current IPv6 Router. Clients: #Windows, #Android, #Linux, #Openbsd. Xfinity/Comcast cable internet. Native #IPv6

12 May 2017
So this is a follow up article revisiting using native Comcast(Xfinity) internet with your OpenBSD router provide IPv6 connectivity to all of your devices on your LAN. I first attempted this around OpenBSD 5.4, and had moderate success, but there were still some bugs to be worked out. Now that we are up to OpenBSD 6.1, things seem to be much more refined! This has been fully tested through 6.4 and on -current 6.5 snapshots…
Continue Read

Quick and dirty #Powershell forward and reverse #whois.

28 Feb 2017 Blog • Powershell
Just a real quick way to do whois lookups on domains, and IP addresses, in Powershell. Forward lookup uses Webservicex.net, and reverse uses Arin.net. function whois($site) { #Syntax: whois google.com $web = New-WebServiceProxy ‘http://www.webservicex.net/whois.asmx?WSDL’ $web.GetWhoIs("$($site)") } function rwhois($ip){ #syntax: whois 8.8.8.8 $baseURL = 'http://whois.arin.net/rest' $url = "$baseUrl/ip/$ip" $r = Invoke-RestMethod $url $r.net } Cheers!…
Continue Read

Checking #Lastpass saved sites for #Cloudflare with #Powershell. #Cloudbleed #Infosec

24 Feb 2017 Blog • Powershell
So as everyone already knows there was a huge leak of data for months for websites who use Cloudflare services. To make my changing of passwords a bit easier, and more focused / targeted I put together a little setup to check all of my Lastpass saved sites for Cloudflare name servers. First I exported my Lastpass information to a .txt format from their website export feature. Then I used a quick and dirty parsing -replace feature of powershell to clean…
Continue Read

#VMWare Killing Stuck, or Hung tasks with #Powershell #PowerCLI

21 Feb 2017 Blog • Powershell
Recently I ran into an issue where a Powered Off VM was stuck in a vMotion host migration for over 3 days. I assume that the VM was powered off during the migration, which is what caused it to hang. Afterwards two backup job snapshot tasks were also in queue on top of the migration task. I spent about 10-15 minutes in the GUI trying to find how to kill or stop this task, unsuccessfully. The only option I could…
Continue Read

Switched to Ghost blogging platform. #ghost #openbsd #nginx

26 Dec 2016
Just throwing up a quick note to say I switched my site to Ghost blogging platform. Am running wordpress/httpd side by side for my other peeps. SSL cert is up and operational. All the encryptions.…
Continue Read
Page 1 of 3 Older Posts →
All content copyright Wylie Bayes © 2021 • All rights reserved.
Theme By GTheme