KeePass Password Safe is a free and open-source password manager. I already wrotte a blog post 7 years ago about how to sync keepass to Google Drive. The howto is out of date, so I propose a new one :). This time, We’ll use the plugin KeePassSyncForDrive 1 / Plugin …
Read More »Create a custom cracking Wordlist
To perform a good pentest, nothing better than a custom wordlist to crack passwords. We may be able to generate a custom wordlist that reflects our knowledge of the target or the organization’s password policy (For example : 10chars min, Special chars …) Information Gathering To build a good wordlist, …
Read More »Monitor Windows security events with Centreon & NsClient++
If you don’t have any SIEM yet, you can start to monitor some Windows security events with Centreon & NsClient++. We’ll use the sheet cheat Top Windows events you should monitor to help us create desired services :) Prerequisites You need to have the following features already implemented : a …
Read More »Top Windows events you should monitor
Your infrastructure continuously generates log data that you can use to monitor network infrastructure and manage security events. I share you my cheat sheet of importants events that I used to monitor, but before, lets activate all the logs we need 1 / Enable Advanced auditing For some events we’ld …
Read More »Gophish : Familiarisez vos employés au phishing ! Part I : Installation
Gophish est un framework open-source, vous permettant de créer des campagnes de phishing. L’objectif, ici, est de sensibiliser les collaborateurs au phishing, et pourquoi pas, leur proposer des formations de sécurité informatique suite aux résultats des différentes campagnes de phishing. Dans cette première partie, nous allons installer GoPhish sur un …
Read More »