SOGU File Searcher – ConnectWise Automate Script

October 3rd, 2018

Following the release today by the United States Computer Emergency Readiness Team (https://www.us-cert.gov/APTs-Targeting-IT-Service-Provider-Customers), one of the steps they recommend is to use tools to detect intrusions and identify compromised systems, and that these tools report on APT (advanced persistent threat) actors using Sogu (also called PlugX) to compromise MSP systems. NCCIC recommends that network defenders use these tools to help [...]

Spectre/Meltdown Vulnerability Detection – Free Detection Solution

January 16th, 2018

I started working on this as soon as there was a reasonably easy way to detect vulnerable machines on Windows. It includes:

- A script that you run against agents, which sets EDFs and highlights numerous things (BIOS/Firmware update, notes, whether certain mitigations are enabled and whether you are secure)
- A Dataview that you can import to have a good [...]